CVE-2026-33643

Published: Mar 30, 2026 Last Modified: Mar 30, 2026
ExploitDB:
Other exploit source:
Google Dorks:

Description

AI Translation Available

SQL Injection vulnerability in SchemaHero 0.23.0 via the column parameter to the mysqlColumnAsInsert function in file plugins/mysql/lib/column.go.

https://gist.github.com/b0b0haha/fb59199fb1fdf9414e76442e05…
https://gist.github.com/b0b0haha/fb59199fb1fdf9414e76442e0599bfed
https://github.com/b0b0haha/SchemaHero--Sqlinjection/blob/m…
https://github.com/b0b0haha/SchemaHero--Sqlinjection/blob/main/README.md