Lucene search
K

7 matches found

CNNVD
CNNVD
added 2026/03/06 12:0 a.m.6 views

CocoIndex SQL注入漏洞

CocoIndex is an open-source high-performance framework for AI data conversion developed by CocoIndex. Versions of CocoIndex prior to 0.3.34 contained a SQL injection vulnerability. This vulnerability occurred because the Doris target connector did not validate the configured table names, which...

9.8CVSS5.9AI score0.00282EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/24 12:13 a.m.5 views

CVE-2025-51092

The LogIn-SignUp project by VishnuSivadasVS is vulnerable to SQL Injection due to unsafe construction of SQL queries in DataBase.php. The functions logIn and signUp build queries by directly concatenating user input and unvalidated table names without using prepared statements. While a prepareDat...

9.8CVSS8.7AI score0.00381EPSS
Exploits0References1
NVD
NVD
added 2025/08/22 7:15 p.m.4 views

CVE-2025-51092

The LogIn-SignUp project by VishnuSivadasVS is vulnerable to SQL Injection due to unsafe construction of SQL queries in DataBase.php. The functions logIn and signUp build queries by directly concatenating user input and unvalidated table names without using prepared statements. While a prepareDat...

9.8CVSS0.00381EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/22 12:0 a.m.2 views

CVE-2025-51092

The LogIn-SignUp project by VishnuSivadasVS is vulnerable to SQL Injection due to unsafe construction of SQL queries in DataBase.php. The functions logIn and signUp build queries by directly concatenating user input and unvalidated table names without using prepared statements. While a prepareDat...

8.6AI score0.00381EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/22 12:0 a.m.8 views

CVE-2025-51092

The LogIn-SignUp project by VishnuSivadasVS is vulnerable to SQL Injection due to unsafe construction of SQL queries in DataBase.php. The functions logIn and signUp build queries by directly concatenating user input and unvalidated table names without using prepared statements. While a prepareDat...

0.00381EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.4 views

SUSE CVE-2015-1352

The buildtablename function in pgsql.c in the PostgreSQL aka pgsql extension in PHP through 5.6.7 does not validate token extraction for table names, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted name...

5CVSS6.9AI score0.07758EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2015/06/25 8:43 a.m.3 views

php: NULL pointer dereference in php_pgsql_meta_data()

The phppgsqlmetadata function in pgsql.c in the PostgreSQL aka pgsql extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service NULL pointer dereference and...

7.5CVSS6.8AI score0.06393EPSS
Exploits0References4
Rows per page
Query Builder