5 matches found
Sql injection
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the optimizesqltuningadvisor method of sqloptimize.py. User input comin...
CVE-2023-30556 SQL injection in sql_optimize.py optimize_sqltuningadvisor method in Archery - GHSL-2022-107
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the optimizesqltuningadvisor method of sqloptimize.py. User input comin...
CVE-2023-30556
CVE-2023-30556 concerns an SQL injection in Archery, an open source SQL audit platform. The vulnerability affects the function/flow where user input from the db_name parameter in sql_optimize.py is passed to the sqltuningadvisor method in oracle.py, enabling attackers to query connected databases...
CVE-2023-30556 SQL injection in sql_optimize.py optimize_sqltuningadvisor method in Archery - GHSL-2022-107
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the optimizesqltuningadvisor method of sqloptimize.py. User input comin...
CVE-2023-30556 SQL injection in sql_optimize.py optimize_sqltuningadvisor method in Archery - GHSL-2022-107
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the optimizesqltuningadvisor method of sqloptimize.py. User input comin...