2 matches found
CVE-2024-55586
Nette Database through 3.2.4 allows SQL injection in certain situations involving an untrusted filter that is directly passed to the where method. NOTE: the vendor's position is that this is intended behavior...
CVE-2024-55586
CVE-2024-55586 (Nette Database) : Affected software is Nette Database up to version 3.2.4. The vulnerability is a SQL injection vulnerability where an untrusted filter is passed directly to the where method, enabling manipulation of query logic. The vendor states this is intended behavior. Public...