15 matches found
EUVD-2022-5500
Malicious code in bioql PyPI...
CVE-2022-28111
MyBatis PageHelper v1.x.x-v3.7.0, v4.0.0-v5.0.0, v5.1.0-v5.3.0 was discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter...
Mybatis-PageHelper SQL Injection Vulnerability
Mybatis-PageHelper is a paging plug-in. An SQL injection vulnerability exists in Mybatis-PageHelper versions 1.0 inclusive through 5.3.0 inclusive, which stems from the orderBy parameter's lack of validation for external input SQL statements. An attacker could use this vulnerability to execute...
GHSA-W559-623P-VFG8 MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter
MyBatis PageHelper versions 3.5.x through 5.3.x were discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter...
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter
MyBatis PageHelper versions 3.5.x through 5.3.x were discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter...
cc.siyecao.mapper:clover-mapper (>=3.0.2 <=3.0.3), cc.siyecao.mapper:clover-mapper-dynamic (=3.0.2) +1206 more potentially affected by CVE-2022-28111 +1 more via com.github.pagehelper:pagehelper (>=3.6.4 <=5.3.0)
com.github.pagehelper:pagehelper MAVEN version =3.6.4, =3.0.2, =3.0.2, =3.0.2, =3.0.2, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =1.0.0, =0.0.1, =1.0.1, =1.2.0.RELEASE, =1.6.0.RELEASE and more Source cves: CVE-2022-28111, CVE-2022-42227 Source advisory: OSV:GHSA-W559-623P-VFG8...
PT-2022-26316 · Unknown +1 · Mybatis Pagehelper +1
Name of the Vulnerable Software and Affected Versions: jsonlint version 1.0; MyBatis PageHelper versions 3.5.x through 5.3.x. Description: The issue involves a heap-buffer-overflow in jsonlint and a time-blind SQL injection vulnerability in MyBatis PageHelper. The jsonlint vulnerability occurs via...
CVE-2022-28111
MyBatis PageHelper v1.x.x-v3.7.0, v4.0.0-v5.0.0, v5.1.0-v5.3.0 was discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter...
CVE-2022-28111
MyBatis PageHelper v1.x.x-v3.7.0, v4.0.0-v5.0.0, v5.1.0-v5.3.0 was discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter...
CVE-2022-28111
MyBatis PageHelper v1.x.x-v3.7.0, v4.0.0-v5.0.0, v5.1.0-v5.3.0 was discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter...
SQL injection
MyBatis PageHelper v1.x.x-v3.7.0, v4.0.0-v5.0.0, v5.1.0-v5.3.0 was discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter...
CVE-2022-28111
CVE-2022-28111 concerns MyBatis PageHelper, affecting v1.x.x–3.7.0 and v4.0.0–5.0.0, plus v5.1.0–5.3.0. The root cause is a time-blind SQL injection via the orderBy parameter that allows external input to influence SQL statements without proper validation. Impact is described as high, with a netw...
PT-2022-18817 · Unknown · Mybatis Pagehelper
Name of the Vulnerable Software and Affected Versions: MyBatis PageHelper versions 1.x.x through 5.3.x. Description: A time-blind SQL injection vulnerability was discovered in MyBatis PageHelper via the orderBy parameter. This issue allows for potential SQL injection attacks. Recommendations: For...
Mybatis-PageHelper SQL Injection Vulnerability
Mybatis-PageHelper is a paging plug-in. An SQL injection vulnerability exists in Mybatis-PageHelper versions 1.0 inclusive through 5.3.0 inclusive, which stems from the orderBy parameter's lack of validation for external input SQL statements. An attacker could use this vulnerability to execute...
CVE-2022-28111
MyBatis PageHelper v1.x.x-v3.7.0, v4.0.0-v5.0.0, v5.1.0-v5.3.0 was discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter...