| Titel | ESAPI esapi-java-legacy 2.6.2.0 SQL injection filtering bypass2 |
|---|
| Beschreibung | When using MySQL codec's ANSI mode and ESAPI library for encoding in ESAPI2.6.2.0 components, SQL injection defense can be bypassed. Attackers can exploit this vulnerability to bypass SQL injection defense and launch SQL injection attacks |
|---|
| Quelle | ⚠️ https://github.com/uglory-gll/javasec/blob/main/ESAPI.md |
|---|
| Benutzer | uglory (UID 82151) |
|---|
| Einreichung | 04.06.2025 15:23 (vor 10 Monaten) |
|---|
| Moderieren | 28.06.2025 09:15 (24 days later) |
|---|
| Status | Duplikat |
|---|
| VulDB Eintrag | 314321 [ESAPI esapi-java-legacy bis 2.6.2.0 SQL Injection Defense Encoder.encodeForSQL Remote Code Execution] |
|---|
| Punkte | 0 |
|---|