Описание
Withdrawn: SQL injection in Yii 2
Withdrawn Advisory
This advisory has been withdrawn because the issue originates from a product built on Yii2, not the Yii2 Framework itself. This link is maintained to preserve external references.
Original Description
SQL injection vulnerability found in Yii Framework Yii 2 Framework before v.2.0.47 allows the a remote attacker to execute arbitrary code via the runAction function.
Ссылки
Пакеты
yiisoft/yii2
< 2.0.47
2.0.47
Связанные уязвимости
SQL injection vulnerability found in Yii Framework Yii 2 Framework before v.2.0.47 allows the a remote attacker to execute arbitrary code via the runAction function. NOTE: the software maintainer's position is that the vulnerability is in third-party code, not in the framework.
SQL injection vulnerability found in Yii Framework Yii 2 Framework bef ...