Lucene search
+L

7 matches found

ptsecurity
ptsecurity
added 2026/07/07 12:0 a.m.7 views

PT-2026-56245

Name of the Vulnerable Software and Affected Versions DataEase versions prior to 2.10.24 Description A share mode chart data interface fails to validate whether the tableId and field IDs provided in the request body belong to the shared resource. It only verifies that the sceneId matches the...

7.1CVSS6.1AI score0.00238EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/07/07 12:0 a.m.8 views

PT-2026-56252

Name of the Vulnerable Software and Affected Versions DataEase versions prior to 2.10.24 Description An authenticated user capable of creating or modifying chart definitions, or submitting chart data requests containing quota filters, can inject SQL into queries executed against configured...

8.7CVSS6.1AI score0.00266EPSS
Exploits0References8
veracode
veracode
added 2022/04/14 8:42 a.m.26 views

SQL Injection

apachesuperset is vulnerable to SQL injection. An attacker is able to inject malicious SQL via chart data requests...

9.8CVSS4.2AI score0.02788EPSS
Exploits0References5Affected Software1
attackerkb
attackerkb
added 2022/04/13 7:15 p.m.5 views

CVE-2022-27479

Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue...

9.8CVSS5.9AI score0.02788EPSS
Exploits0References4
nvd
nvd
added 2022/04/13 7:15 p.m.25 views

CVE-2022-27479

Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue...

9.8CVSS0.02788EPSS
Exploits0References3
prion
prion
added 2022/04/13 7:15 p.m.21 views

Sql injection

Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue...

7.5CVSS9.8AI score0.02788EPSS
Exploits0References3Affected Software1
pypa
pypa
added 2022/04/13 7:15 p.m.7 views

PYSEC-2022-188

Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue...

9.8CVSS8.1AI score0.02788EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder