12 matches found
EUVD-2022-2394
Malicious code in bioql PyPI...
Silverstripe SiteTree Creation Permission Vulnerability
A vulnerability exists in the permission validation for SiteTree object creation. By default user permissions are not validated by the SiteTree::canCreate method, unless overridden by user code or via the configuration system. This vulnerability will allow users, or unauthenticated guests, to...
GHSA-3MM9-2P44-RW39 Silverstripe SiteTree Creation Permission Vulnerability
A vulnerability exists in the permission validation for SiteTree object creation. By default user permissions are not validated by the SiteTree::canCreate method, unless overridden by user code or via the configuration system. This vulnerability will allow users, or unauthenticated guests, to...
GHSA-4J6V-3895-8G2J silverstripe restfulserver and registry modules SQL injection vulnerability
SQL injection vulnerability in silverstripe/restfulserver module 1.0.x before 1.0.9, 2.0.x before 2.0.4, and 2.1.x before 2.1.2 and silverstripe/registry module 2.1.x before 2.1.1 and 2.2.x before 2.2.1 allows attackers to execute arbitrary SQL commands...
silverstripe restfulserver and registry modules SQL injection vulnerability
SQL injection vulnerability in silverstripe/restfulserver module 1.0.x before 1.0.9, 2.0.x before 2.0.4, and 2.1.x before 2.1.2 and silverstripe/registry module 2.1.x before 2.1.1 and 2.2.x before 2.2.1 allows attackers to execute arbitrary SQL commands...
CVE-2019-12149
SQL injection vulnerability in silverstripe/restfulserver module 1.0.x before 1.0.9, 2.0.x before 2.0.4, and 2.1.x before 2.1.2 and silverstripe/registry module 2.1.x before 2.1.1 and 2.2.x before 2.2.1 allows attackers to execute arbitrary SQL commands...
CVE-2019-12149
SQL injection vulnerability in silverstripe/restfulserver module 1.0.x before 1.0.9, 2.0.x before 2.0.4, and 2.1.x before 2.1.2 and silverstripe/registry module 2.1.x before 2.1.1 and 2.2.x before 2.2.1 allows attackers to execute arbitrary SQL commands...
Sql injection
SQL injection vulnerability in silverstripe/restfulserver module 1.0.x before 1.0.9, 2.0.x before 2.0.4, and 2.1.x before 2.1.2 and silverstripe/registry module 2.1.x before 2.1.1 and 2.2.x before 2.2.1 allows attackers to execute arbitrary SQL commands...
CVE-2019-12149
SQL injection vulnerability in silverstripe/restfulserver module 1.0.x before 1.0.9, 2.0.x before 2.0.4, and 2.1.x before 2.1.2 and silverstripe/registry module 2.1.x before 2.1.1 and 2.2.x before 2.2.1 allows attackers to execute arbitrary SQL commands...
CVE-2019-12149
The CVE-2019-12149 issue affects the silverstripe/restfulserver and silverstripe/registry modules. A SQL injection vulnerability exists due to improper input handling, allowing an attacker to execute arbitrary SQL commands. Affected versions: restfulserver 1.0.x before 1.0.9, 2.0.x before 2.0.4, ...
CVE-2019-12149: Potential SQL injection in restfulserver and registry modules
More info at https://www.silverstripe.org/download/security-releases/cve-2019-12149...
CVE-2019-12149: Potential SQL injection in restfulserver and registry modules
More info at https://www.silverstripe.org/download/security-releases/cve-2019-12149...