Lucene search
K

5 matches found

CVE
CVE
added 2026/05/07 1:57 p.m.17 views

CVE-2026-44349

Daptin CVE-2026-44349: The fuzzy search path on /api/ accepts a user-supplied column list and interpolates it into raw SQL without a column whitelist, enabling an authenticated user to read the entire database on vulnerable versions. Affected component: processFuzzySearch in server/resource/resou...

7.1CVSS5.8AI score0.00305EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/07 1:57 p.m.39 views

CVE-2026-44349 Daptin fuzzy search injects unvalidated column name into raw SQL

Daptin is a GraphQL/JSON-API headless CMS. Prior to version 0.11.5, processFuzzySearch in server/resource/resourcefindallpaginated.go:1484 splits the user-supplied column parameter by comma and interpolates each segment directly into goqu.Lfmt.Sprintf"LOWER%s LIKE ?", prefix+col raw SQL with no...

7.1CVSS0.00305EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.10 views

OneUptime SQL注入漏洞

OneUptime is a comprehensive solution developed by OneUptime OpenSource. It is used to monitor and manage your online services. Versions of OneUptime prior to 10.0.34 contained a SQL injection vulnerability. This vulnerability stemmed from the lack of column name validation in multiple query...

8.1CVSS5.8AI score0.00301EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/02/24 5:30 p.m.272 views

Exploit for CVE-2026-26198

versions 0.9.9 through 0.22.0, when performing Vulnerability...

9.8CVSS5.9AI score0.00915EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2026/02/24 12:0 a.m.5 views

CVE-2026-26198

Ormar is a async mini ORM for Python. In versions 0.9.9 through 0.22.0, when performing aggregate queries, Ormar ORM constructs SQL expressions by passing user-supplied column names directly into sqlalchemy.text without any validation or sanitization. The min and max methods in the QuerySet class...

9.8CVSS7.5AI score0.00915EPSS
Exploits2References4
Rows per page
Query Builder