Search criteria
2 vulnerabilities found for JiangQie Official Website Mini Program by Unknown
CVE-2021-24303 (GCVE-0-2021-24303)
Vulnerability from nvd – Published: 2021-09-06 11:09 – Updated: 2024-08-03 19:28
VLAI?
Title
JiangQie Official Website Mini Program < 1.1.1 - Authenticated SQL Injection
Summary
The JiangQie Official Website Mini Program WordPress plugin before 1.1.1 does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection issues
Severity ?
No CVSS data available.
CWE
- CWE-89 - SQL Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | JiangQie Official Website Mini Program |
Affected:
1.1.1 , < 1.1.1
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:28:23.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/cbd65b7d-d3c3-4ee3-8e5e-ff0eeeaa7b30"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ja9er/CVEProject/blob/main/wordpress_jiangqie-official-website-mini-program_sqli.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "JiangQie Official Website Mini Program",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.1.1",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "wangxiaohui@webray.com.cn inc"
}
],
"descriptions": [
{
"lang": "en",
"value": "The JiangQie Official Website Mini Program WordPress plugin before 1.1.1 does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection issues"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 SQL Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-06T11:09:18.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/cbd65b7d-d3c3-4ee3-8e5e-ff0eeeaa7b30"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ja9er/CVEProject/blob/main/wordpress_jiangqie-official-website-mini-program_sqli.md"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "JiangQie Official Website Mini Program \u003c 1.1.1 - Authenticated SQL Injection",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24303",
"STATE": "PUBLIC",
"TITLE": "JiangQie Official Website Mini Program \u003c 1.1.1 - Authenticated SQL Injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "JiangQie Official Website Mini Program",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.1.1",
"version_value": "1.1.1"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "wangxiaohui@webray.com.cn inc"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The JiangQie Official Website Mini Program WordPress plugin before 1.1.1 does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection issues"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/cbd65b7d-d3c3-4ee3-8e5e-ff0eeeaa7b30",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/cbd65b7d-d3c3-4ee3-8e5e-ff0eeeaa7b30"
},
{
"name": "https://github.com/ja9er/CVEProject/blob/main/wordpress_jiangqie-official-website-mini-program_sqli.md",
"refsource": "MISC",
"url": "https://github.com/ja9er/CVEProject/blob/main/wordpress_jiangqie-official-website-mini-program_sqli.md"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24303",
"datePublished": "2021-09-06T11:09:18.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:28:23.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24303 (GCVE-0-2021-24303)
Vulnerability from cvelistv5 – Published: 2021-09-06 11:09 – Updated: 2024-08-03 19:28
VLAI?
Title
JiangQie Official Website Mini Program < 1.1.1 - Authenticated SQL Injection
Summary
The JiangQie Official Website Mini Program WordPress plugin before 1.1.1 does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection issues
Severity ?
No CVSS data available.
CWE
- CWE-89 - SQL Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | JiangQie Official Website Mini Program |
Affected:
1.1.1 , < 1.1.1
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:28:23.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/cbd65b7d-d3c3-4ee3-8e5e-ff0eeeaa7b30"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ja9er/CVEProject/blob/main/wordpress_jiangqie-official-website-mini-program_sqli.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "JiangQie Official Website Mini Program",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.1.1",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "wangxiaohui@webray.com.cn inc"
}
],
"descriptions": [
{
"lang": "en",
"value": "The JiangQie Official Website Mini Program WordPress plugin before 1.1.1 does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection issues"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 SQL Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-06T11:09:18.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/cbd65b7d-d3c3-4ee3-8e5e-ff0eeeaa7b30"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ja9er/CVEProject/blob/main/wordpress_jiangqie-official-website-mini-program_sqli.md"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "JiangQie Official Website Mini Program \u003c 1.1.1 - Authenticated SQL Injection",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24303",
"STATE": "PUBLIC",
"TITLE": "JiangQie Official Website Mini Program \u003c 1.1.1 - Authenticated SQL Injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "JiangQie Official Website Mini Program",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.1.1",
"version_value": "1.1.1"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "wangxiaohui@webray.com.cn inc"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The JiangQie Official Website Mini Program WordPress plugin before 1.1.1 does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection issues"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/cbd65b7d-d3c3-4ee3-8e5e-ff0eeeaa7b30",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/cbd65b7d-d3c3-4ee3-8e5e-ff0eeeaa7b30"
},
{
"name": "https://github.com/ja9er/CVEProject/blob/main/wordpress_jiangqie-official-website-mini-program_sqli.md",
"refsource": "MISC",
"url": "https://github.com/ja9er/CVEProject/blob/main/wordpress_jiangqie-official-website-mini-program_sqli.md"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24303",
"datePublished": "2021-09-06T11:09:18.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:28:23.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}