SQL Injection
SQL injection vulnerability in the model.increment and model.decrement function in ThinkJS allows remote attackers to execute arbitrary SQL commands via the step parameter.
Advisories for Npm/Thinkjs package
2021
SQL injection vulnerability in the model.increment and model.decrement function in ThinkJS allows remote attackers to execute arbitrary SQL commands via the step parameter.