1 results (0.009 seconds)
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 1
CVE-2015-9244
https://notcve.org/view.php?id=CVE-2015-9244
Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with `mysql.escape()` which could lead to SQL Injection. Las claves de objetos en el módulo mysql node en versiones v2.0.0-alpha7 y anteriores no se escapan con "mysql.escape()", lo que podría conducir a una inyección SQL. • https://github.com/felixge/node-mysql/issues/342 https://nodesecurity.io/advisories/66 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •