Tag
#sql
UP-RESULT PRO version 1.0 suffers from a remote SQL injection vulnerability.
A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft. The flaws, identified in tools like ChuanhuChatGPT, Lunary, and LocalAI, have been reported as part of Protect AI's Huntr bug bounty platform. The most severe of the
Sherlock Holmes is famous for his incredible ability to sort through mounds of information; he removes the irrelevant and exposes the hidden truth. His philosophy is plain yet brilliant: “When you have eliminated the impossible, whatever remains, however improbable, must be the truth.” Rather than following every lead, Holmes focuses on the details that are needed to move him to the solution. In
Affected by CVE-2021-3538
funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php.
funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click command mode plugin.
Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile.
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist.
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list.
Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield.