This issue is to collect the similar ones reported about ORM lite not properly escaping parameters in the produced SQL. This may lead to the well known SQL injection vulnerability[1], which is quite serious. I have found the following issues related to this:
146
137
81 (this should be reopened as it does not apply to table names only)
This issue is to collect the similar ones reported about ORM lite not properly escaping parameters in the produced SQL. This may lead to the well known SQL injection vulnerability[1], which is quite serious. I have found the following issues related to this:
146
137
81 (this should be reopened as it does not apply to table names only)
138 - see this comment
@j256 , it would be great to have your comment, even if you do not have time to fix it; maybe somebody will be happy to contribute the fix.
many thanks in advance
[1] https://owasp.org/www-community/attacks/SQL_Injection