5 matches found
CVE-2023-30465
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.5.0. By manipulating the "orderType" parameter and the ordering of the returned content using an SQL...
CVE-2023-30465
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.5.0. By manipulating the "orderType" parameter and the ordering of the returned content using an SQL...
CVE-2023-30465
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.5.0. By manipulating the "orderType" parameter and the ordering of the returned content using an SQL...
CVE-2023-30465 Apache InLong: SQL injection in apache inLong 1.5.0
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.5.0. By manipulating the "orderType" parameter and the ordering of the returned content using an SQL...
CVE-2023-30465
CVE-2023-30465 describes an SQL injection in Apache InLong (versions 1.4.0–1.5.0). The issue arises from improper neutralization of special elements in SQL commands, allowing manipulation of the orderType parameter to influence query ordering and potentially extract the username of the user with ...