8 matches found
EUVD-2024-28414
Malicious code in bioql PyPI...
CVE-2024-30494
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in 沈唁 OSS Aliyun.This issue affects OSS Aliyun: from n/a through 1.4.10...
OSS Aliyun < 1.4.11 - Authenticated (Administrator+) SQL Injection
Description The OSS Aliyun plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, wit...
CVE-2024-30494
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in 沈唁 OSS Aliyun.This issue affects OSS Aliyun: from n/a through 1.4.10...
CVE-2024-30494 WordPress OSS Aliyun plugin <= 1.4.10 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in 沈唁 OSS Aliyun.This issue affects OSS Aliyun: from n/a through 1.4.10...
CVE-2024-30494
CVE-2024-30494 is an SQL injection in the OSS Aliyun WordPress plugin (up to version 1.4.10). The vulnerability is due to improper neutralization of input in the plugin’s SQL commands and is labeled as Authenticated (Administrator+) SQL Injection . Public references in the supplied documents indi...
CVE-2024-30494 WordPress OSS Aliyun plugin <= 1.4.10 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in 沈唁 OSS Aliyun.This issue affects OSS Aliyun: from n/a through 1.4.10...
WordPress OSS Aliyun Plugin <= 1.4.10 is vulnerable to SQL Injection
Software OSS Aliyun Type Plugin Vulnerable versions = 1.4.10 Fixed in 1.4.11 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-30494 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID f4acc3b1af32 Credits Majed Refaea Required privilege Administrator...