-
Prevent SQL injection at the search. Maybe this helps: https://www.stackhawk.com/blog/react-command-injection-examples-and-prevention/
-
### What would you like to be improved?
databaseName in generateDropDatabaseSql is not validated for any potential SQL issues.
### How should we improve?
Validate databaseName
-
@inesmarcal and I discovered a new vulnerability, never before reported, in the "HOST/admin.php?page=user_list" link, where, based on filters, it should be possible to see the users list, but some of the paramete…
-
A SQL injection vulnerability is affecting the following repositories:
- [easey-common](https://github.com/US-EPA-CAMD/easey-common/security/dependabot/37)
- [easey-monitor-plan-api](https://github.c…
-
### Describe the bug
In https://github.com/coreruleset/coreruleset/pull/3055 a new rule was introduced for JSON-Based SQL Injection.
This is a v4 rule.
In testing, we have discovered that the r…
-
### **Description**
SQL Injection & Insufficiently Random Values vulnerability
### **Repro Steps**
- Use [Mobile Security Framework Mobsf](https://github.com/MobSF/Mobile-Security-Framework-M…
-
Critical security issue: it's extremely easy to forge a malicious request by using single quotes in a parameter value.
```
> builder.query().select('password').from('users').where('user_id', '=', …
```
-
### Description
Check out this https://github.com/apoorvaron/Shorty/pull/308
### Screenshots
_No response_
### Additional information
_No response_
-
## Summary
SQL Injection in Grafana, as a "feature", so likely won't get patched
### Basic example
https://fdlucifer.github.io/2024/04/22/grafana-sql-injection/ looks thorough enough to creat…
-
Currently, the only place SQL injections are mentioned is the Raw section. It would be great to have a short section talking about this (or even one sentence somewhere). It is not clear whether Knex p…