columnQuote in medoo before 1.7.5 allows remote attackers to perform a SQL Injection due to improper escaping.
References
Link | Resource |
---|---|
https://github.com/catfan/Medoo/commit/659864b393961bf224bba1efc03b7dcbed7de533 | Patch Third Party Advisory |
https://snyk.io/vuln/SNYK-PHP-CATFANMEDOO-474562 | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2019-10-30 22:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-10762
Mitre link : CVE-2019-10762
CVE.ORG link : CVE-2019-10762
JSON object : View
Products Affected
medoo
- medoo
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')