Malicious code in xml-sails-cluster-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e47d11e94efa1d8dcc50c9b7719f33a12c4ac87761659e74645fc502db56b0e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

SQL Injection

sails-mysql is vulnerable to SQL injection. The sort keyword is not properly sanitized and may allow attackers to inject SQL statements and execute arbitrary SQL queries...

SQL Injection in sails-mysql

Versions of sails-mysql prior to 0.10.8 are vulnerable to SQL Injection. The sort keyword is not properly sanitized and may allow attackers to inject SQL statements and execute arbitrary SQL queries Recommendation Upgrade to version 0.10.8 or later...

GHSA-HX5X-49MM-VMHW SQL Injection in sails-mysql

Versions of sails-mysql prior to 0.10.8 are vulnerable to SQL Injection. The sort keyword is not properly sanitized and may allow attackers to inject SQL statements and execute arbitrary SQL queries Recommendation Upgrade to version 0.10.8 or later...

SQL Injection

Overview Versions of sails-mysql prior to 0.10.8 are vulnerable to SQL Injection. The sort keyword is not properly sanitized and may allow attackers to inject SQL statements and execute arbitrary SQL queries Recommendation Upgrade to version 0.10.8 or later. References - Github Issue - Snyk Repor...

collectortoqueue (>=1.2.10 <=1.2.26), gladys (>=2.1.5 <=2.1.9) +13 more potentially affected by CVE-2016-10551 via waterline-sequel (>=0.0.21 <=0.4.0)

waterline-sequel NPM version =0.0.21, =1.2.10, =2.1.5, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.10.1, =0.0.1, =0.10.1, =0.7.3, =1.0.0-alpha.0, =0.1.0, =0.4.8 Source cves: CVE-2016-10551 Source advisory: OSV:GHSA-CGPP-WM2H-6HQX...