CVE-2022-3494 The Complianz WordPress plugin before 6.3.4, and Complianz Premium before 6.3.6 allow translators to inject arbitrary SQL.
If the translator does not have proper control over the WordPress installation, or if a malicious translator injects SQL into the database, it can be
CVE-2022-3868 - Critical SQL Injection in SourceCodester Sanitization Management System
In late 2022, a serious vulnerability surfaced in the popular web application, SourceCodester Sanitization Management System. Tracked as CVE-2022-3868, this flaw allows remote attackers to
CVE-2022-20867 - Root-Level SQL Injection in Cisco Email Security Appliance Explained
In June 2022, Cisco published security advisory CVE-2022-20867, revealing a critical weakness in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco
CVE-2022-41671 An Injection CWE-89 exists in SQL Command that allows adversaries with local user privileges to craft a malicious query and execute as part of project migration.
Risk: Remote Code Execution. Exploitation of this vulnerability is possible if a user inputs an SQL command that has special characters of the ‘injection’ type into
CVE-2022-3023 - Exploiting Externally-Controlled Format String Vulnerability in TiDB (pingcap/tidb) Before 6.4./6.1.3
Published: 2024-06-05
Author: Security Analyst
Affected Product: TiDB
Versions Affected: Prior to 6.4., 6.1.3
When dealing with databases, data formatting is everything.