9 matches found
EUVD-2022-51881
Malicious code in bioql PyPI...
CVE-2022-4546
The Mapwiz WordPress plugin through 1.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
Sql injection
The Mapwiz WordPress plugin through 1.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2022-4546
Mapwiz WordPress plugin (<= 1.0.1) is affected by a SQL injection due to improper sanitisation/escaping of input before SQL construction. Exploitation is described as possible by high-privilege users (e.g., admin) and is supported by multiple sources (NVD/Red Hat/CVE listing) noting an Admin+ ...
CVE-2022-4546 Mapwiz <= 1.0.1 - Admin+ SQLi
The Mapwiz WordPress plugin through 1.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2022-4546 Mapwiz <= 1.0.1 - Admin+ SQLi
The Mapwiz WordPress plugin through 1.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
WordPress plugin Mapwiz SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exist...
WordPress Mapwiz Plugin <= 1.0.1 is vulnerable to SQL Injection
Software Mapwiz Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-4546 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 5aebce0acd8a Credits Daniel Krohmer Required privilege Administrator Published 19...
Mapwiz <= 1.0.1 - Admin+ SQLi
The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. POST /wp-admin/admin.php?page=myplug/muyplg.php&mid HTTP/1.1...