Description
SQL injection vulnerability in the Search::setJsonAlert method in OSClass before 3.4.3 allows remote attackers to execute arbitrary SQL commands via the alert parameter in a search alert subscription action.
Remediation
References
Related Vulnerabilities
Multiple SugarCRM Products Remote Code Execution Vulnerability (CVE-2023-22952)
WordPress Plugin WP Symposium Multiple Vulnerabilities (14.05.02)
Oracle Database Server CVE-2014-4292 Vulnerability (CVE-2014-4292)
WordPress Plugin FormCraft-Contact Form Builder SQL Injection (1.0.5)
WordPress Plugin Banner Effect Header Cross-Site Scripting (1.2.7)