7 matches found
CVE-2026-6230
The Tainacan plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geoquery' parameter in all versions up to and including 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2026-6230
The CVE-2026-6230 entry concerns the Tainacan WordPress plugin vulnerable to a time-based blind SQL Injection via the REST API parameter 'geoquery' in all versions up to 1.0.3. Root cause is insufficient escaping of the user-supplied parameter and inadequate preparation of the existing SQL query,...
EUVD-2026-42215
The Tainacan plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geoquery' parameter in all versions up to and including 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2026-6230 Tainacan <= 1.0.3 - Unauthenticated SQL Injection via 'geoquery' REST API Parameter
The Tainacan plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geoquery' parameter in all versions up to and including 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2020-7923 Specific GeoQuery can cause DoS against MongoDB Server
A user authorized to perform database queries may cause denial of service by issuing specially crafted queries, which violate an invariant in the query subsystem's support for geoNear. This issue affects MongoDB Server v4.4 versions prior to 4.4.0-rc7; MongoDB Server v4.2 versions prior to 4.2.8...
CVE-2020-7923 Specific GeoQuery can cause DoS against MongoDB Server
A user authorized to perform database queries may cause denial of service by issuing specially crafted queries, which violate an invariant in the query subsystem's support for geoNear. This issue affects MongoDB Server v4.4 versions prior to 4.4.0-rc7; MongoDB Server v4.2 versions prior to 4.2.8...
Specific GeoQuery can cause DoS against MongoDB Server
A user authorized to perform database queries may cause denial of service by issuing specially crafted queries, which violate an invariant in the query subsystem's support for geoNear. This issue affects: MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.0-rc7; v4.2 versions prior to 4.2.8;...