9 matches found
EUVD-2022-7485
Malicious code in bioql PyPI...
laravel-jqgrid vulnerable to SQL Injection
A vulnerability classified as critical was found in laravel-jqgrid. Affected by this vulnerability is the function getRows of the file src/Mgallegos/LaravelJqgrid/Repositories/EloquentRepositoryAbstract.php. The manipulation leads to sql injection. The name of the patch is...
GHSA-3FHJ-WPVJ-X5W8 laravel-jqgrid vulnerable to SQL Injection
A vulnerability classified as critical was found in laravel-jqgrid. Affected by this vulnerability is the function getRows of the file src/Mgallegos/LaravelJqgrid/Repositories/EloquentRepositoryAbstract.php. The manipulation leads to sql injection. The name of the patch is...
CVE-2021-4262
A vulnerability classified as critical was found in laravel-jqgrid. Affected by this vulnerability is the function getRows of the file src/Mgallegos/LaravelJqgrid/Repositories/EloquentRepositoryAbstract.php. The manipulation leads to sql injection. The name of the patch is...
Sql injection
A vulnerability classified as critical was found in laravel-jqgrid. Affected by this vulnerability is the function getRows of the file src/Mgallegos/LaravelJqgrid/Repositories/EloquentRepositoryAbstract.php. The manipulation leads to sql injection. The name of the patch is...
Laravel SQL注入漏洞
Laravel is a web application framework from the Laravel community. A security vulnerability exists in laravel-jqgrid, which stems from a problem with the function getRows in the file src/Mgallegos/LaravelJqgrid/Repositories/EloquentRepositoryAbstract.php, which can lead to sql injection...
Microsoft Windows ADO Recordset GetRows Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
KingCms最新版(k9)注入1枚
简要描述: KingCms最新版(k9)注入1枚 详细说明: 朋友的公司想购买kingcms的授权,让我帮忙看下。发现kingcms很长一段时间没更新了,憋了一段时间放出了最新版的k92014-12-13更新,官网下下来学习一下。 在wooyun上看到了几个漏洞,如: WooYun: kingcms最新版sql注入漏洞 注入点:POST /apps/jianli/index.php HTTP/1.1 注入参数:where 问题文件在/apps/jianli/index.php function create $u=new user;$u-authrole'jianli'; $db=new...
Achievo <= 1.3.4 - SQL Injection
No description provided by source. Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ SQL Injection in Achievo 1. Advisory Information Title: SQL Injection in Achievo Advisory ID: BONSAI-2009-0102 Advisory URL:...