Submission #590150: ESAPI esapi-java-legacy 2.6.2.0 SQL injection filtering bypass2 (Info)

Title: ESAPI esapi-java-legacy 2.6.2.0 SQL injection filtering bypass2
Description: When using the MySQL codec's ANSI mode and the ESAPI library for encoding in ESAPI 2.6.2.0 components, SQL injection defense can be bypassed. Attackers can exploit this vulnerability to bypass SQL injection defense and launch SQL injection attacks.
Source: ⚠️ https://github.com/uglory-gll/javasec/blob/main/ESAPI.md
User: uglory (UID 82151)
Submission: 2025-06-04 15:23 (10 months ago)
Moderation: 2025-06-28 09:15 (24 days later)
Status: Duplicate
VulDB entry: 314321 [ESAPI esapi-java-legacy up to 2.6.2.0 SQL Injection Defense Encoder.encodeForSQL remote code execution]
Points: 0
