Arbitrary Code Injection

Overview mindsql is a Text-2-SQL made easy in just a few lines of python. Affected versions of this package are vulnerable to Arbitrary Code Injection via the askdb function in mindsqlcore.py file. An attacker can execute arbitrary code by sending crafted input to the affected process. Remediatio...

MindSQL is vulnerable to Code Injection through its ask_db function

A vulnerability was found in Mindinventory MindSQL up to 0.2.1. Impacted is the function askdb of the file mindsql/core/mindsqlcore.py. Performing a manipulation results in code injection. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was...

CVE-2026-4507

A vulnerability was determined in Mindinventory MindSQL up to 0.2.1. The affected element is the function askdb of the file mindsql/core/mindsqlcore.py. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

CVE-2026-4507 Mindinventory MindSQL mindsql_core.py ask_db sql injection

A vulnerability was determined in Mindinventory MindSQL up to 0.2.1. The affected element is the function askdb of the file mindsql/core/mindsqlcore.py. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

CVE-2026-4506 Mindinventory MindSQL mindsql_core.py ask_db code injection

A vulnerability was found in Mindinventory MindSQL up to 0.2.1. Impacted is the function askdb of the file mindsql/core/mindsqlcore.py. Performing a manipulation results in code injection. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was...

PT-2026-26684

A vulnerability was found in Mindinventory MindSQL up to 0.2.1. Impacted is the function ask db of the file mindsql/core/mindsql core.py. Performing a manipulation results in code injection. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was...

MindSQL 代码注入漏洞

MindSQL is an open-source database interaction and retrieval enhancement generation library developed by MindInventory. Versions of MindSQL 0.2.1 and earlier contained a code injection vulnerability. This vulnerability stemmed from the askdb function in the mindsql/core/mindsqlcore.py file, which...

PT-2026-26685

A vulnerability was determined in Mindinventory MindSQL up to 0.2.1. The affected element is the function ask db of the file mindsql/core/mindsql core.py. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be...