43 matches found
EUVD-2024-40445
Malicious code in bioql PyPI...
EUVD-2024-40442
Malicious code in bioql PyPI...
EUVD-2024-40443
Malicious code in bioql PyPI...
EUVD-2024-40441
Malicious code in bioql PyPI...
EUVD-2024-48722
Malicious code in bioql PyPI...
EUVD-2024-40444
Malicious code in bioql PyPI...
EUVD-2025-24002
Malicious code in bioql PyPI...
CVE-2025-50465
OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the listCount function in the TestDefinitionDAO interface when the testPlatform parameter is used to construct a SQL query. An attacker can extract sensitive information from the database by injecting crafted input int...
CVE-2025-50465
OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query...
CVE-2025-50465
OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query...
CVE-2025-50465
OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query...
PT-2025-32376 · Unknown · Openmetadata
Name of the Vulnerable Software and Affected Versions: OpenMetadata versions prior to 1.4.5 Description: OpenMetadata is susceptible to a SQL injection issue. An attacker can extract information from the database through the listCount function within the TestDefinitionDAO interface. The...
CVE-2024-43776
SQL Injection in mock exam function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the qlevel parameter...
CVE-2024-43774
SQL Injection in download personal learning course function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the uid parameter...
CVE-2024-43773
SQL Injection in download class learning course function of Easytest Online Test Platform ver.24E01 and earlier allow remote attackers to execute arbitrary SQL commands via the cstr parameter...
CVE-2024-43772
SQL Injection in download student learning course function of Easytest Online Test Platform ver.24E01 and earlier allow remote attackers to execute arbitrary SQL commands via the uid parameter...
CVE-2024-7871
SQL Injection in online dictionary function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the word parameter...
CVE-2024-43776 Huachu Easytest Online Learning Test Platform - SQL Injection
SQL Injection in mock exam function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the qlevel parameter...
CVE-2024-43776
This CVE (CVE-2024-43776) concerns a SQL Injection vulnerability in the mock exam function of Easytest Online Test Platform, version 24E01 and earlier. The flaw allows remote authenticated users to execute arbitrary SQL via the qlevel parameter. Affected component: mock exam function; underlying ...