Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
corincerami curiosity image_controller.rb sql injection
Vulnerability Description
A vulnerability classified as critical was found in corincerami curiosity. Affected by this vulnerability is an unknown functionality of the file app/controllers/image_controller.rb. The manipulation of the argument sol leads to sql injection. The patch is named d64fddd74ca72714e73f4efe24259ca05c8190eb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217639.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
curiosity SQL注入漏洞
Vulnerability Description
curiosity是Corin Cerami个人开发者的一个应用程序。提供 NASA 好奇号火星探测器的图像数据。 curiosity存在SQL注入漏洞,该漏洞源于对参数sol的错误操作会导致sql注入。
CVSS Information
N/A
Vulnerability Type
N/A