CVE-2023-40787
In SpringBlade V3.6.0, user-submitted parameters are not wrapped in quotation marks when a SQL query is executed, which leads to SQL injection.
[description]
In SpringBlade V3.6.0, user-submitted parameters are not wrapped in quotation marks when a SQL query is executed, which leads to SQL injection.
[Vulnerability Type]
SQL Injection
[Vendor of Product]
https://github.com/chillzhuang/SpringBlade
[Affected Product Code Base]
SpringBlade - V3.6.0
[Attack Type]
Remote
[Discoverer]
cyvk
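The root cause described above, shown on a constructed SQLite table as an added example (not SpringBlade's code; the table, column and function names are hypothetical). When a value is spliced into a query with no quotes around it, escaping quote characters does not help, while binding the value as a parameter does.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data; schema and rows are hypothetical.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notice (id INTEGER, tenant TEXT, title TEXT)")
    db.executemany(
        "INSERT INTO notice VALUES (?, ?, ?)",
        [(1, "a", "alpha"), (2, "a", "beta"), (3, "b", "gamma")],
    )
    return db

def find_unquoted(db, notice_id):
    # Bug class from the advisory: the user value is concatenated into the
    # statement without quotes. Doubling quote characters changes nothing,
    # because the value never sits inside a string literal.
    escaped = notice_id.replace("'", "''")
    sql = "SELECT title FROM notice WHERE tenant = 'a' AND id = " + escaped
    return [row[0] for row in db.execute(sql)]

def find_bound(db, notice_id):
    # Fix: the statement text is constant and the value travels separately
    # as a bound parameter, so it can only ever be compared as data.
    sql = "SELECT title FROM notice WHERE tenant = 'a' AND id = ?"
    return [row[0] for row in db.execute(sql, (notice_id,))]

def find_validated(db, notice_id):
    # Defence in depth: reject anything that is not a plain decimal id
    # before it reaches the data layer, then still bind it.
    if not re.fullmatch(r"[0-9]{1,18}", notice_id):
        raise ValueError("id must be a decimal integer")
    return find_bound(db, int(notice_id))

if __name__ == "__main__":
    db = make_db()
    probe = "2 OR 1=1"  # constructed test input containing SQL syntax
    print("unquoted:", find_unquoted(db, probe))
    print("bound:   ", find_bound(db, probe))
```

With the constructed probe, the unquoted query returns rows from both tenants, which is the signal to look for when reviewing data-access code for this flaw: any statement whose text varies with request input.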
Related news
GHSA-62pr-54gv-vg5g: SpringBlade vulnerable to SQL injection