Lucene search
Sunnytoo Security Vulnerabilities
cve
SunnyToo stblogsearch up to v1.0.0 was discovered to contain a SQL injection vulnerability via the StBlogSearchClass::prepareSearch component.
9.8CVSS
9.7AI Score
0.001EPSS
2024-01-19 02:15 PM
11
cve
SQL njection vulnerability in SunnyToo sturls before version 1.1.13, allows attackers to escalate privileges and obtain sensitive information via StUrls::hookActionDispatcher and StUrls::getInstanceId methods.
9.8CVSS
9.4AI Score
0.001EPSS
2023-12-14 09:15 AM
12