Description
SQL injection vulnerability in the Search::setJsonAlert method in OSClass before 3.4.3 allows remote attackers to execute arbitrary SQL commands via the alert parameter in a search alert subscription action.
Remediation
References
Related Vulnerabilities
Java Unspesificed Vulnerability (CVE-2018-3149)
WordPress Plugin Easy2Map Cross-Site Scripting (1.5.5)
WordPress Plugin Easy Pixels eCommerce extension Unspecified Vulnerability (1.4)
WordPress Plugin Migration, Backup, Staging-WPvivid Directory Traversal (0.9.75)
Internet Information Services Other Vulnerability (CVE-1999-0449)