EUVD-2022-51721

Malicious code in bioql PyPI...

EUVD-2022-51722

Malicious code in bioql PyPI...

CVE-2022-4371

The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as...

CVE-2022-4372

The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as...

CVE-2022-4372

The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as...

CVE-2022-4371

The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as...

CVE-2022-4372

The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as...

CVE-2022-4371

The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as...

Sql injection

The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as...

Sql injection

The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as...

CVE-2022-4372 Web Invoice <= 2.1.3 - Authenticated SQLi

The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as...

CVE-2022-4372

The CVE-2022-4372 entry corresponds to the Web Invoice WordPress plugin (versions ≤ 2.1.3) with a SQL Injection vulnerability caused by improper sanitization/escaping of a parameter before its use in a SQL statement. The issue enables exploitation by high-privilege users (e.g., admin by default; ...

CVE-2022-4372 Web Invoice <= 2.1.3 - Authenticated SQLi

The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as...

CVE-2022-4371 Web Invoice <= 2.1.3 - Authenticated SQLi

The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as...

CVE-2022-4371

CVE-2022-4371 affects the Web Invoice WordPress plugin up to version 2.1.3. The issue is an SQL injection caused by improper sanitization/escaping of a parameter used in a SQL statement, exploitable by high-privilege users (admin by default) and potentially others depending on plugin configuratio...

WordPress plugin Web Invoice SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exist...

PT-2023-14305 · WordPress · Web Invoice Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Web Invoice WordPress plugin versions 2.1.3 and earlier Description: The issue arises from the plugin's failure to properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection. This can be exploited ...

PT-2023-14297 · WordPress · Web Invoice Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Web Invoice WordPress plugin versions 2.1.3 and earlier Description: The issue arises from the plugin's failure to properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection. This can be exploited ...

WordPress plugin Web Invoice SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exist...

Web Invoice <= 2.1.3 - Authenticated SQLi

The plugin does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as subscriber could exploit this as well PoC...