GHSA-RRP4-2XX3-MV29 Command injection in gh-ost

Gh-ost version = 1.1.2 allows users to inject DSN strings via the -database parameter. This is a low severity vulnerability as the attacker must have access to the target host or trick an administrator into executing a malicious gh-ost command on a host running gh-ost, plus network access from ho...

WBCE CMS vulnerable to SQL injection

Overview WBCE CMS provided by WBCE Team is an open-source Contents Management System CMS. WBCE CMS contains an SQL injection vulnerability CWE-89. ASAI Ken reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...