EUVD-2024-34273

Malicious code in bioql PyPI...

CVE-2024-11837

Improper Neutralization of Special Elements used in an N1QL Command 'N1QL Injection' vulnerability in PlexTrac allows N1QL Injection.This issue affects PlexTrac: from 1.61.3 before 2.8.1...

CVE-2024-11837 N1QL Injection

Improper Neutralization of Special Elements used in an N1QL Command 'N1QL Injection' vulnerability in PlexTrac allows N1QL Injection.This issue affects PlexTrac: from 1.61.3 before 2.8.1...

CVE-2024-11837

CVE-2024-11837 describes a N1QL Injection in PlexTrac, affecting versions before 2.8.1 (from 1.61.3). Root cause: improper neutralization of special elements in N1QL commands. Impact as cited: high/critical in CVSS metrics, including potential confidentiality, integrity, and availability impact. ...

CVE-2024-11837 N1QL Injection

Improper Neutralization of Special Elements used in an N1QL Command 'N1QL Injection' vulnerability in PlexTrac allows N1QL Injection.This issue affects PlexTrac: from 1.61.3 before 2.8.1...

CVE-2024-11836 Server-side Request Forgery

Server-Side Request Forgery SSRF vulnerability in PlexTrac allowing requests to internal system resources.This issue affects PlexTrac: from 1.61.3 before 2.8.1...

GHSA-G622-R636-QFQH SQL Injection in Couchbase Sync Gateway

The Couchbase Sync Gateway 2.1.2 in combination with a Couchbase Server is affected by a previously undisclosed N1QL-injection vulnerability in the REST API. An attacker with access to the public REST API can insert additional N1QL statements through the parameters ?startkey? and ?endkey? of the...

CVE-2019-9039

The CVE-2019-9039 issue affects Couchbase Sync Gateway 2.1.2, where an attacker with access to the public REST API could inject additional N1QL statements via the startkey/endkey parameters on the _all_docs endpoint. The underlying vulnerability is a N1QL injection that could disclose sensitive d...