Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
PEAR is Vulnerable to SQL Injection in Damblan_Karma IN() Query via Literal Substitution
Vulnerability Description
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN (...) list. This issue has been patched in version 1.33.0.
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
pearweb SQL注入漏洞
Vulnerability Description
pearweb是PEAR开源的一个 PHP 扩展和应用程序存储库。 pearweb 1.33.0之前版本存在SQL注入漏洞,该漏洞源于因果点查询中对IN列表的不安全字面替换,存在SQL注入风险。
CVSS Information
N/A
Vulnerability Type
N/A