Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2017-16047

Disclosure Date: May 29, 2018 (last updated November 26, 2024)
mysqljs was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
0
0
Attacker Value
Unknown

CVE-2015-9244

Disclosure Date: May 29, 2018 (last updated November 26, 2024)
Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with `mysql.escape()` which could lead to SQL Injection.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0