GHSA-P8WX-5F39-W3X4 NocoDB: SQL Injection via Column Title in Bulk GroupBy

Summary An authenticated user with column-create permission can inject SQL into the bulk groupBy endpoint by setting a column's title to a SQL fragment. Details The bulk groupBy path in group-by.ts builds three database-specific knex.raw aggregations that interpolate the request's columnname...

NocoDB: SQL Injection via Column Title in Bulk GroupBy

Summary An authenticated user with column-create permission can inject SQL into the bulk groupBy endpoint by setting a column's title to a SQL fragment. Details The bulk groupBy path in group-by.ts builds three database-specific knex.raw aggregations that interpolate the request's columnname...

PT-2026-43352

Name of the Vulnerable Software and Affected Versions Twenty CRM versions 1.7.7 through 1.16.7 Description A Remote Code Execution RCE issue exists via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. If the Postgres user is a superuser, any authenticated user can execute arbitrary ...

CVE-2026-33142

OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the fix for CVE-2026-32306 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query...

CVE-2026-33142 OneUptime: ClickHouse SQL Injection via unvalidated column identifiers in sort, select, and groupBy parameters

OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the fix for CVE-2026-32306 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query...

CVE-2026-33142

OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the fix for CVE-2026-32306 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query...

SUSE CVE-2024-36465

A low privilege regular Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter...

CVE-2024-36465

A low privilege regular Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter...

UBUNTU-CVE-2024-36465

A low privilege regular Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter...

CVE-2024-36465 SQL injection in Zabbix API

A low privilege regular Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter...

CVE-2024-41434

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...

CVE-2024-41434

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...

CVE-2024-41434

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...

Design/Logic Flaw

Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.4, a non admin user can get access to many class/field values through GroupBy Dashlet error message. This issue is fixed in versions 2.7.4 and 3.0.0...

Combodo iTop 安全漏洞

Combodo iTop is a French company Combodo ITIL-based development and for the daily operation of the IT environment of open source Web applications. The program provides incident management, configuration management and problem management. Combodo iTop version 2.7.4 prior to a security vulnerabilit...

PT-2021-19921 · Comodo +1 · Itop +1

Name of the Vulnerable Software and Affected Versions: Combodo iTop versions prior to 2.7.4 Description: The issue allows a non-admin user to access many class/field values through a GroupBy Dashlet error message. Recommendations: For versions prior to 2.7.4, update to version 2.7.4 or 3.0.0 to...

InsightIDR’s Log Search: Recent Enhancements and Upcoming Investments

Log data is critical to ensuring that you have full visibility into what’s going on across your environment. Alongside endpoint and network data, log data enables teams to detect malicious activity, prove compliance, and have better visibility across their environment. Within InsightIDR, our Log...

What’s New in InsightIDR: Q3 2020 in Review

In July, we provided a rundown of what was new in InsightIDR, our cloud-based SIEM tool, from the first half of 2020 check out the blog post here for a recap. We’ve released some pretty great features and updates since then, so we thought it was time for another recap! This post offers a closer...

SQL Injection

apache-superset is vulnerable to SQL injection. The vulnerability allows an attacker to inject and execute arbitrary SQL statements using invalid column names in groupby, columns, filters, or metrics queries...

Google Monorail Cross-Site Search Vulnerability

Google Monorail is an issue tracker from Google USA. A security vulnerability exists in versions of Google Monorail prior to 2018-06-07. An attacker can exploit the vulnerability by sending a request with a specially crafted 'groupby' parameter value to obtain sensitive information about bug...