Lucene search
K

15 matches found

Nuclei
Nuclei
added 3 hours ago22 views

Django RasterField - SQL Injection

Django 6.0.2, 5.2.11, and 4.2.28 contains a SQL injection caused by improper sanitization of the band index parameter in RasterField on PostGIS, letting remote attackers inject SQL, exploit requires crafted input. id: CVE-2026-1207 info: name: Django RasterField - SQL Injection author: omarkurt...

8.3CVSS7.1AI score0.09436EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/04/26 2:54 a.m.127 views

Exploit for SQL Injection in Djangoproject Django

CVE-2026-1207: Django GIS RasterField SQL Injection Vulnerabil...

5.4CVSS7.6AI score0.09436EPSS
Exploits1
OpenVAS
OpenVAS
added 2026/03/02 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2026-3adb735295)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS6.1AI score0.09436EPSS
Exploits2References8
Chainguard
Chainguard
added 2026/02/05 1:17 a.m.18 views

CVE-2026-1207 vulnerabilities

Vulnerabilities for packages: label-studio, awx, authentik, authentik-fips...

8.3CVSS7AI score0.09436EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.6 views

Python Library Django 4.2.x < 4.2.28 / 5.2.x < 5.2.11 / 6.0.x < 6.0.2 Multiple Vulnerabilities

The detected version of the Django Python package, Django, is 4.2.x prior to 4.2.28, 5.2.x prior to 5.2.11, or 6.0.x prior to 6.0.2. It is, therefore, affected by multiple vulnerabilities as referenced by security release advisory: - The django.contrib.auth.handlers.modwsgi.checkpassword function...

8.5CVSS6.1AI score0.09436EPSS
Exploits2References7
vulnersOsv
vulnersOsv
added 2026/02/03 3:49 p.m.4 views

aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +511 more potentially affected by CVE-2026-1207 via django (>=4.0.0 <=4.2.27)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =65.10.0, =65.10.3 and more Source cves: CVE-2026-1207 Source advisory: SNYK:PYTHON-DJANGO-15183335...

8.3CVSS7AI score0.09436EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/03 3:49 p.m.6 views

arches (=8.0.0a1), django-accounts-api (=1.2.5) +24 more potentially affected by CVE-2026-1207 via django (>=6.0.0 <=6.0.1)

django PYPI version =6.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.1.0, =6.0.0, =0.20.4, =0.22.1 and more Source cves: CVE-2026-1207 Source advisory: SNYK:PYTHON-DJANGO-15183335...

8.3CVSS7.2AI score0.09436EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/03 3:30 p.m.5 views

cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.20) +22 more potentially affected by CVE-2026-1207 via django (>=5.2.0 <=5.2.10)

django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =5.2.0, =5.2.1 - djbackup =2.1.0 and more Source cves: CVE-2026-1207 Source advisory: OSV:GHSA-MWM9-4648-F68Q...

8.3CVSS7AI score0.09436EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/03 3:30 p.m.4 views

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2026-1207 via django (>=4.2.0 <=4.2.27)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2026-1207 Source advisory: OSV:GHSA-MWM9-4648-F68Q...

8.3CVSS7.2AI score0.09436EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/03 3:16 p.m.7 views

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2026-1207 via django (>=4.2.0 <=4.2.27)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2026-1207 Source advisory: OSV:PYSEC-2026-44...

8.3CVSS7.2AI score0.09436EPSS
Exploits1
OSV
OSV
added 2026/02/03 3:16 p.m.2 views

DEBIAN-CVE-2026-1207

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

5.4CVSS7.8AI score0.09436EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/02/03 2:35 p.m.7 views

CVE-2026-1207

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

8.3CVSS5.7AI score0.09436EPSS
Exploits1
Debian CVE
Debian CVE
added 2026/02/03 2:35 p.m.5 views

CVE-2026-1207

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

8.3CVSS7.8AI score0.09436EPSS
Exploits1
OSV
OSV
added 2026/02/03 2:0 p.m.5 views

UBUNTU-CVE-2026-1207

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

8.3CVSS7.2AI score0.09436EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-1207

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote...

5.4CVSS6.1AI score0.09436EPSS
Exploits1References2
Rows per page
Query Builder