6 matches found
EUVD-2023-2221
Malicious code in bioql PyPI...
GHSA-62PR-54GV-VG5G SpringBlade vulnerable to SQL injection
In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection...
CVE-2023-40787
In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection...
PT-2023-8132 · Unknown · Springblade
Name of the Vulnerable Software and Affected Versions: SpringBlade version 3.6.0 Description: The issue is related to the lack of protection against SQL query structure exploitation, allowing a remote attacker to execute arbitrary SQL queries. Specifically, in SpringBlade, when executing SQL...
SpringBlade SQL注入漏洞
Breed Network Technology SpringBlade is a set of microservice development platform from China Breed Network Technology. A security vulnerability exists in SpringBlade version V3.6.0, which stems from a SQL injection when executing a SQL query, where the parameters submitted by the user are not...
Debian DSA-235-1 : kdegraphics - several vulnerabilities
The KDE team discovered several vulnerabilities in the K Desktop Environment. In some instances KDE fails to properly quote parameters of instructions passed to a command shell for execution. These parameters may incorporate data such as URLs, filenames and e-mail addresses, and this data may be...