Soumettre #442943: http://www.datagear.tech/ datagear <=4.60 command executioninformation

Titrehttp://www.datagear.tech/ datagear <=4.60 command execution
Descriptiondatagear exists a freemaker template injected in the /dataSet/resolveSql route rendering sql statement
La source⚠️ https://github.com/nn0nkey/nn0nkey/blob/main/Datagear/freemaker.md
Utilisateur
 nn0nkey (UID 74287)
Soumission13/11/2024 01:38 (il y a 2 ans)
Modérer21/11/2024 07:52 (8 days later)
StatutAccepté
Entrée VulDB285658 [DataGear jusqu’à 4.60 /dataSet/resolveSql sql injection SQL]
Points14

PrécédentAperçuSuivant

Do you need the next level of professionalism?

Upgrade your account now!