40 matches found
CVE-2026-33643
SQL Injection vulnerability in SchemaHero 0.23.0 via the column parameter to the mysqlColumnAsInsert function in file plugins/mysql/lib/column.go...
CVE-2026-33643
CVE-2026-33643 affects SchemaHero 0.23.0 with a SQL Injection flaw in the MySQL plugin path: the column.go processing in plugins/mysql/lib/column.go improperly handles the column parameter, allowing malicious input to alter table schema. Connected sources also describe similar risks in the Postgr...
CVE-2026-33643
SQL Injection vulnerability in SchemaHero 0.23.0 via the column parameter to the mysqlColumnAsInsert function in file plugins/mysql/lib/column.go...
EUVD-2021-1182
Malware in sbrugna...
CVE-2024-35056
NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the querypackets and insert functions...
CVE-2024-47699
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential null-ptr-deref in nilfsbtreeinsert Patch series "nilfs2: fix potential issues with empty b-tree nodes". This series addresses three potential issues with empty b-tree nodes that can occur with corrupted...
FeehiCMS User[avatar] unrestricted upload
A vulnerability was found in FeehiCMS up to 2.1.1 and classified as critical. This issue affects the function insert of the file /admin/index.php?r=user%2Fcreate. The manipulation of the argument Useravatar leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...
GHSA-XP68-7G33-F49M FeehiCMS User[avatar] unrestricted upload
A vulnerability was found in FeehiCMS up to 2.1.1 and classified as critical. This issue affects the function insert of the file /admin/index.php?r=user%2Fcreate. The manipulation of the argument Useravatar leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...
GHSA-GPGJ-XRGW-8MX2 NASA AIT-Core vulnerable to SQL Injection
NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the querypackets and insert functions...
NASA AIT-Core 安全漏洞
NASA AIT-Core is a Python-based software suite organized by NASA. A security vulnerability exists in NASA AIT-Core version v2.5.2 that stems from the inclusion of multiple SQL injection vulnerabilities via the querypackets and insert functions...
PT-2024-26300 · Nasa · Nasa Ait-Core
Name of the Vulnerable Software and Affected Versions: NASA AIT-Core version 2.5.2 Description: The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities are present in the query packets and insert functions, allowing for potential SQL injection attacks. There is no...
WordPress Plugin WP Directory Kit 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...
CVE-2022-47028
An issue discovered in Action Launcher for Android v50.5 allows an attacker to cause a denial of service via arbitary data injection to function insert...
PT-2023-15137 · Unknown · Action Launcher
Name of the Vulnerable Software and Affected Versions: Action Launcher for Android version 50.5 Description: An issue in Action Launcher for Android allows an attacker to cause a denial of service via arbitrary data injection to the insert function. Recommendations: For Action Launcher for Androi...
SUSE CVE-2014-3507
Memory leak in d1both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service memory consumption via zero-length DTLS fragments that trigger improper handling of the return value of a certain...
PT-2023-10224 · Unknown · Tutranta Project Todolist
Name of the Vulnerable Software and Affected Versions: tutranta project todolist affected versions not specified Description: A critical issue was found in the tutrantta project todolist, affecting the getAffectedRows/where/insert/update function in the library/Database.php library. This issue...
GHSA-RJ5F-7C8X-GJG4 Prototype Pollution in promisehelpers
All versions of package promisehelpers up to and including version 0.0.5 are vulnerable to Prototype Pollution via the insert function...
Prototype Pollution
promisehelpers is vulnerable to prototype pollution. The vulnerability exists as the insert function does not restrict proto headers to be set in objects...
CVE-2020-7723
All versions of package promisehelpers are vulnerable to Prototype Pollution via the insert function...
Code injection
All versions of package promisehelpers are vulnerable to Prototype Pollution via the insert function...