Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-9A8B4A277EDDAF236BBDE7D341A1A519HistoryJun 29, 2021 - 12:00 a.m.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
2021-06-2900:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
4
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
64.6%
SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL commands via the label parameter to user/repos/issues.
| CPE | Name | Operator | Version |
|---|---|---|---|
| go/gogs.io/gogs | ge | 0.3.1 | |
| go/gogs.io/gogs | lt | 0.5.8 |
Related
prion
prion
Sql injection
2014-11-21 15:59:00
github
github
SQL Injection in gogs.io/gogs
2021-06-29 18:32:44
osv
osv
SQL Injection in gogs.io/gogs
2021-06-29 18:32:44
SQL Injection in github.com/gogits/gogs
2021-04-14 20:04:52
packetstorm
packetstorm
Gogs Label Search Blind SQL Injection
2014-11-14 00:00:00
veracode
veracode
SQL Injection
2017-05-03 08:30:55
exploitpack
exploitpack
Gogs - label SQL Injection
2014-11-14 00:00:00
cve
cve
CVE-2014-8681
2014-11-21 15:59:00
cvelist
cvelist
CVE-2014-8681
2014-11-21 15:00:00
exploitdb
exploitdb
Gogs - 'label' SQL Injection
2014-11-14 00:00:00
zdt
zdt
Gogs Blind SQL Injection Vulnerability
2014-11-15 00:00:00
openvas
openvas
Gogs >= 0.3.1, < 0.5.8 Multiple Vulnerabilities
2015-02-06 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
64.6%
Related for GITLAB-9A8B4A277EDDAF236BBDE7D341A1A519