MySQLjs SQL Injection Authentication Bypass

An SQL injection occurs when a value originating from the client's request is used within a SQL query without prior sanitisation. Typically, query escape functions or placeholders are known to prevent SQL injections. However, mysqljs/mysql is known to have different escape methods over different...

FreeBSD : postgresql -- encoding based SQL injection (17f53c1d-2ae9-11db-a6e2-000e0c2e438a)

The PostgreSQL development team reports : An attacker able to submit crafted strings to an application that will embed those strings in SQL commands can use invalidly-encoded multibyte characters to bypass standard string-escaping methods, resulting in possible injection of hostile SQL commands...

USN-303-1: MySQL vulnerability

An SQL injection vulnerability has been discovered when using less popular multibyte encodings such as SJIS, or BIG5 which contain valid multibyte characters that end with the byte 0x5c the representation of the backslash character ''''''...