6 matches found
CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Unauthenticated SQL Injection in Gogs repository search ======================================================= Researcher: Timo Schmid [email protected] Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go...
CVE-2014-8682
Multiple SQL injection vulnerabilities in Gogs aka Go Git Service 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to 1 api/v1/repos/search, which is not properly handled in models/repo.go, or 2 api/v1/users/search, which is...
CVE-2014-8682
Gogs (Go Git Service) is affected by SQL injection via the q parameter in the API endpoints /api/v1/repos/search and /api/v1/users/search. The vulnerability stems from improper handling in the repository and user search code paths (models/repo.go and models/user.go) across Gogs versions 0.3.1-9 t...
Gogs - 'users'/'repos' '?q' SQL Injection
Unauthenticated SQL Injection in Gogs repository search ======================================================= Researcher: Timo Schmid Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go. taken from 1 It is very similiar to the github hosting plattform...
Gogs Repository Search SQL Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Unauthenticated SQL Injection in Gogs repository search ======================================================= Researcher: Timo Schmid Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go. taken from 1 I...
Gogs - usersrepos ?q SQL Injection
Gogs - usersrepos ?q SQL Injection Unauthenticated SQL Injection in Gogs repository search ======================================================= Researcher: Timo Schmid Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go. taken from 1 It is very simili...