1207 matches found
CVE-2022-2593
The Better Search Replace WordPress plugin before 1.4.1 does not properly sanitise and escape table data before inserting it into a SQL query, which could allow high privilege users to perform SQL Injection attacks...
SQL injection
The Better Search Replace WordPress plugin before 1.4.1 does not properly sanitise and escape table data before inserting it into a SQL query, which could allow high privilege users to perform SQL Injection attacks...
CVE-2022-2593 Better Search and Replace < 1.4.1 - Admin+ SQLi
The Better Search Replace WordPress plugin before 1.4.1 does not properly sanitise and escape table data before inserting it into a SQL query, which could allow high privilege users to perform SQL Injection attacks...
CVE-2022-2593
Summary: CVE-2022-2593 affects the WordPress plugin Better Search Replace, prior to version 1.4.1. The vulnerability arises from improper sanitization and escaping of table data before insertion into SQL queries, potentially enabling high-privilege users to perform SQL injection. The issue is doc...
WordPress plugin Better Search Replace SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...
AZL-10595 CVE-2022-2625 affecting package postgresql for versions less than 14.5-1
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...
CVE-2022-2625
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...
Vulnerability in core server (CVE-2022-2625)
Extension scripts replace objects not belonging to the extension. Some extensions use CREATE OR REPLACE or CREATE IF NOT EXISTS commands. Some don't adhere to the documented rule to target only objects known to be extension members already. An attack requires permission to create non-temporary...
WordPress Better Search Replace plugin <= 1.4 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection (SQLi) vulnerability discovered by Christiaan Swiers in WordPress Better Search Replace plugin (versions <= 1.4). Solution: Update the WordPress Better Search Replace plugin to the latest available version (at least 1.4.1)...
Better Search and Replace < 1.4.1 - Admin+ SQLi
The plugin does not properly sanitise and escape table data before inserting it into a SQL query, which could allow high privilege users to perform SQL Injection attacks. PoC: POST /wp-admin/tools.php?page=better-search-replace&bsr-ajax=processsearchreplace HTTP/1.1 Accept: application/json,...
UBUNTU-CVE-2022-34481
In the nsTArrayImpl::ReplaceElementsAt function, an integer overflow could have occurred when the number of elements to replace was too large for the container. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...
Mozilla: Potential integer overflow in ReplaceElementsAt
The Mozilla Foundation Security Advisory describes this flaw as: In the nsTArrayImpl::ReplaceElementsAt function, where an integer overflow could occur when the number of elements to replace was too large for the container...
CVE-2022-34298
The NT auth module in OpenAM before 14.6.6 allows a "replace Samba username attack."...
OpenAM security vulnerability
OpenAM Open Source Edition is an open source single sign-on framework. The product achieves transparent single sign-on (e.g., centralized or distributed single sign-on) in a network architecture by providing a core identity service (Core Server). A security vulnerability exists in OpenAM that stems fro...
WordPress Better Find and Replace plugin SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. WordPress Better Find and Replace plugin versions prior to 1.3.6 contain a SQL injection...
PT-2022-22114 · Openiam · Openam
Name of the Vulnerable Software and Affected Versions: OpenAM versions prior to 14.6.6 Description: The NT auth module in OpenAM allows a "replace Samba username attack." This issue may potentially be exploited to bypass authentication mechanisms. Recommendations: For versions prior to 14.6.6,...
Malicious code in axios-replace (npm)
Source: ghsa-malware a686c9db8b278dabb3e76765ae41fd7caae4c05302f3ee663c7ff6781c5d4f1f. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...