SQL Injection

Overview griptape-tools is a Tools for the Griptape framework. Affected versions of this package are vulnerable to SQL Injection through the executequery path in the SQL tool and loader components. An attacker can execute malicious SQL against the connected database by prompt-injecting the LLM to...

EUVD-2021-28928

Malicious code in bioql PyPI...

CVE-2021-41931

The Company's Recruitment Management System in id=2 of the parameter from viewvacancy app on-page appears to be vulnerable to SQL injection. The payloads 19424269' or '1309'='1309 and 39476597' or '2917'='2923 were each submitted in the id parameter. These two requests resulted in different...

The vulnerability of the RecordBrokenApp method in the Ivanti Endpoint Manager software for managing endpoints in information networks allows a hacker to execute arbitrary code.

The vulnerability of the RecordBrokenApp method in the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a...