2 matches found
SQL Injection
mgallegos/laravel-jqgrid is vulnerable to SQL injection. The vulnerability exists in the getRows function in EloquentRepositoryAbstract.php because the library directly passes the values added at the end of query sorting to the database, allowing a malicious user to inject and execute arbitrary S...
CVE-2021-4262 laravel-jqgrid EloquentRepositoryAbstract.php getRows sql injection
A vulnerability classified as critical was found in laravel-jqgrid. Affected by this vulnerability is the function getRows of the file src/Mgallegos/LaravelJqgrid/Repositories/EloquentRepositoryAbstract.php. The manipulation leads to sql injection. The name of the patch is...