Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
PEAR is Vulnerable to SQL Injection in user::maintains() Role IN() Filter
Vulnerability Description
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur in user::maintains() when role filters are provided as an array and interpolated into an IN (...) clause. This issue has been patched in version 1.33.0.
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
pearweb SQL注入漏洞
Vulnerability Description
pearweb是PEAR开源的一个 PHP 扩展和应用程序存储库。 pearweb 1.33.0之前版本存在SQL注入漏洞,该漏洞源于user::maintains函数在将角色过滤器作为数组提供并插入IN子句时可能发生SQL注入。
CVSS Information
N/A
Vulnerability Type
N/A