Lucene search
K

6 matches found

securityvulns
securityvulns
added 2014/12/01 12:0 a.m.88 views

CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Unauthenticated SQL Injection in Gogs repository search ======================================================= Researcher: Timo Schmid [email protected] Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go...

7.5CVSS7.1AI score0.34274EPSS
Exploits5
Cvelist
Cvelist
added 2014/11/21 3:0 p.m.21 views

CVE-2014-8682

Multiple SQL injection vulnerabilities in Gogs aka Go Git Service 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to 1 api/v1/repos/search, which is not properly handled in models/repo.go, or 2 api/v1/users/search, which is...

8.3AI score0.34274EPSS
Exploits5References8
CVE
CVE
added 2014/11/21 3:0 p.m.105 views

CVE-2014-8682

Gogs (Go Git Service) is affected by SQL injection via the q parameter in the API endpoints /api/v1/repos/search and /api/v1/users/search. The vulnerability stems from improper handling in the repository and user search code paths (models/repo.go and models/user.go) across Gogs versions 0.3.1-9 t...

7.5CVSS8.4AI score0.34274EPSS
Exploits5References8Affected Software1
Exploit DB
Exploit DB
added 2014/11/14 12:0 a.m.76 views

Gogs - 'users'/'repos' '?q' SQL Injection

Unauthenticated SQL Injection in Gogs repository search ======================================================= Researcher: Timo Schmid Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go. taken from 1 It is very similiar to the github hosting plattform...

7.5CVSS6.8AI score0.34274EPSS
Exploits5
Packet Storm
Packet Storm
added 2014/11/14 12:0 a.m.120 views

Gogs Repository Search SQL Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Unauthenticated SQL Injection in Gogs repository search ======================================================= Researcher: Timo Schmid Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go. taken from 1 I...

7.5CVSS0.34274EPSS
Exploits5
exploitpack
exploitpack
added 2014/11/14 12:0 a.m.63 views

Gogs - usersrepos ?q SQL Injection

Gogs - usersrepos ?q SQL Injection Unauthenticated SQL Injection in Gogs repository search ======================================================= Researcher: Timo Schmid Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go. taken from 1 It is very simili...

7.5CVSS7.6AI score0.34274EPSS
Exploits5
Rows per page
Query Builder