3 matches found
GHSA-FG4Q-CCQ8-3R5Q NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilities
Impact A SQL injection vulnerability exists in some types implementing ILiteralType.ObjectToSQLString. Callers of these methods are exposed to the vulnerability, which includes: - Mappings using inheritance with discriminator values: - The discriminator value could be written in the mapping in a...
The vulnerability of the ComponentManager.StartupCultureSettings component of the CODESYS Development System application programming framework allows a attacker to execute arbitrary commands.
The vulnerability of the ComponentManager.StartupCultureSettings component in the CODESYS Development System application development framework is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary commands...
PT-2021-7766 · 3S Smart Software Solutions · Codesys Development System
Name of the Vulnerable Software and Affected Versions: CODESYS Development System versions 3.5.16 through 3.5.17 Description: A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager.StartupCultureSettings functionality. This issue can be exploited by providing a...