2 matches found
SQL Injection
catfan/Medoo is vulnerable to SQL injection. Improper escaping of user input string in the function columnQuote allows an attacker to inject and execute arbitrary SQL queries...
SQL Injection
Overview catfan/medoo is a lightweight PHP database framework to accelerate development. Affected versions of this package are vulnerable to SQL Injection. None Remediation Upgrade catfan/medoo to version 1.7.5 or higher. References - GitHub Commit Credit: Snyk Security Research Team...