-
backend/data/ filter param is vulnerable to SQLi.
-
A few endpoints don't have properly prepared SQL statements.
Should get around to that if I ever install Oracle again.
-
`hazelcast-sql` uses `calcite-core` in version `1.32.0` which uses `commons-compiler` in version `3.1.8` which includes the following vulnerability:
- CVE-2023-33546 - https://nvd.nist.gov/vuln/detail/CV…
-
### Bug Description
`NLSQLTableQueryEngine`, `SQLTableRetrieverQueryEngine`, `NLSQLRetriever`, `RetrieverQueryEngine`, and `PGVectorSQLQueryEngine` have Text-to-SQL ability. However, by prompt inject…
-
### Is there an existing issue for this?
- [X] I have searched the existing issues
### Current Behavior
Submitted by @carboncrystal
1. I have OpenAI API Key & Netlas API Key set in Rengine.
2…
-
We don't have CORE Impact but from those who do I have heard it may be possible to export the exploit / CVE mapping from their database. Someone should do this, document how they do it and send me the…
grutz updated
10 years ago
-
I haven't had a real problem with this, so maybe this is a non-issue, already handled somehow within osv-scanner.
That said, this feels like it is a problem with using `osv-scanner --lockfile Cargo.…
-
![Screenshot (198)](https://github.com/Whomrx666/vuln-sql/assets/118146225/691b33b1-8587-4958-8202-ce3f4bc67e55)
-
https://alpacahack.com/challenges/simple-login
Problems solved within the time limit
-
Medium severity vulnerability found on `sql@0.78.0` according to Snyk:
https://snyk.io/vuln/npm:sql:20180512
The report:
https://hackerone.com/reports/319465