Issues Search Results
Security Vulnerability Report: IDOR — Any User Can Change Any User's Profile Photo
Hello bitsandbots team,
I found an IDOR (Insecure Direct Object Reference) vulnerability in the profile photo upload ...
Security Vulnerability Report: SQL Injection in Login Ballot Submission
Hello @HariharanElancheliyan,
I found 2 SQL injection vulnerabilities and a vote manipulation issue in this project.
1. SQL ...
Summary
LogEntry's constructor accepts a nullable ?string $statement, but getStatement() is declared with a non-nullable string
return type and returns the field directly, so (new LogEntry( conn , null))- ...
package: connection
This was generated by AI during triage.
Parent
#735 (PRD: Tweak coaching — ACTIONS #19). Resolved design: ADR-0024.
What to build
Complete the Comparability resolver and the graceful-degradation behavior ...
enhancement
ready-for-agent
Summary
Connection::yieldColumn() terminates iteration on false, but PDOStatement::fetchColumn() returns false both at
end-of-result and when the selected column value is literally false (e.g. a pdo_pgsql ...
package: connection
This was generated by AI during triage.
Parent
#735 (PRD: Tweak coaching — ACTIONS #19). Resolved design: ADR-0024.
What to build
Add the descriptive (Tier 2) path for diffs that touch anything structural ...
enhancement
ready-for-agent
The regenerated 2.3.0 WordPress.org artifact included .phpunit.cache/test-results. Exclude PHPUnit cache directories
from the release package so the SVN trunk/tag contain only distributable plugin files. ...
Summary
Connection::beginTransaction() increments the transaction counter before calling PDO::beginTransaction(). If the PDO
call throws (or the lazy new PDO() inside getPdo() fails), the counter stays ...
package: connection
Summary
Order::random() hardcodes the MySQL-specific RAND(), which is emitted verbatim regardless of the connected driver. On
SQLite (and PostgreSQL) the function is RANDOM(), so random() produces invalid ...
package: query
