Description
SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2012-0534 Vulnerability (CVE-2012-0534)
Oracle Application Server CVE-2008-4017 Vulnerability (CVE-2008-4017)
WordPress Plugin NextGEN Gallery-WordPress Gallery 'Gallery Path' Field Cross-Site Scripting (1.9.5)
Python Improper Privilege Management Vulnerability (CVE-2020-29396)
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-6417)