Lucene search
+L

21 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.5 views

SUSE CVE-2020-7471

Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter. By passing a suitably crafted delimiter...

7.6CVSS9.2AI score0.65336EPSS
Exploits9References6
GithubExploit
GithubExploit
added 2021/06/03 11:21 a.m.257 views

Exploit for SQL Injection in Djangoproject Django

CVE-2020-7471-PoC Django PoC for the SQL injection vulnerabi...

9.8CVSS9.9AI score0.65336EPSS
Exploits9
GithubExploit
GithubExploit
added 2020/08/03 5:29 a.m.175 views

Exploit for SQL Injection in Djangoproject Django

DOBBYISFREE! - 출제된 CTF: 2020 Christmas CTFhttps://dreamh...

9.8CVSS8.3AI score0.65336EPSS
Exploits9
OpenVAS
OpenVAS
added 2020/06/23 12:0 a.m.29 views

Fedora: Security Advisory for python-django (FEDORA-2020-c2639662af)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.6AI score0.65336EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2020/06/23 12:0 a.m.33 views

Fedora: Security Advisory for python-django (FEDORA-2020-2e7d30f7aa)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.3AI score0.65336EPSS
Exploits15References2
Tenable Nessus
Tenable Nessus
added 2020/06/22 12:0 a.m.46 views

Fedora 31 : python-django (2020-2e7d30f7aa)

Security fix for CVE-2020-7471. - Security fix for CVE-2020-9402. - Security fix for CVE-2020-13254. - Security fix for CVE-2020-13596. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...

9.8CVSS6.9AI score0.65336EPSS
Exploits9References5
Tenable Nessus
Tenable Nessus
added 2020/06/22 12:0 a.m.31 views

Fedora 32 : python-django (2020-c2639662af)

Security fix for CVE-2020-7471. - Security fix for CVE-2020-9402. - Security fix for CVE-2020-13254. - Security fix for CVE-2020-13596. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...

9.8CVSS6.9AI score0.65336EPSS
Exploits9References5
Tenable Nessus
Tenable Nessus
added 2020/05/01 12:0 a.m.79 views

GLSA-202004-17 : Django: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202004-17 Django: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Django. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, by sending specially crafted input,...

9.8CVSS6.7AI score0.65336EPSS
Exploits15References10
ALT Linux
ALT Linux
added 2020/04/12 12:0 a.m.36 views

Security fix for the ALT Linux 9 package python3-module-django version 2.2.12-alt1

April 12, 2020 Alexey Shabalin 2.2.12-alt1 - 2.2.12 - Fixes for the following security vulnerabilities: + CVE-2019-19118 Privilege escalation in the Django admin. + CVE-2019-19844 Potential account hijack via password reset form + CVE-2020-7471 Potential SQL injection via StringAggdelimiter +...

7.5CVSS9.2AI score0.65336EPSS
Exploits15
Gitee
Gitee
added 2020/03/17 6:23 p.m.9 views

Exploit for SQL Injection in Djangoproject Django

CVE-2020-7471 这个仓库提供 CVE-2020-7471 Potential SQL injection via StringAggdelimiter 漏洞的环境和 POC 受影响的 django 版本 - 1.11 到 1.11.28(不含) - 2.2 到 2.2.10(不含) - 3.0 到 3.0.3(不含) 下载使用前需要如下操作: 1. 安装 django 漏洞版本,我测试用的是 python pip install django==3.0.2 -i https://pypi.tuna.tsinghua.edu.cn/simple 2. 参考...

9.8CVSS9.3AI score0.65336EPSS
Exploits9
GithubExploit
GithubExploit
added 2020/02/22 1:32 a.m.11 views

Exploit for SQL Injection in Djangoproject Django

CVE-2020-7471 This repository provides environments and P...

9.8CVSS6.8AI score0.65336EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2020/02/20 12:0 a.m.40 views

Debian DSA-4629-1 : python-django - security update

Simon Charette discovered that Django, a high-level Python web development framework, did not properly handle input in its PostgreSQL module. A remote attacker could leverage this to perform SQL injection attacks. C Tenable Network Security, Inc. The descriptive text and package checks in this...

9.8CVSS7.2AI score0.65336EPSS
Exploits9References6
OpenVAS
OpenVAS
added 2020/02/20 12:0 a.m.43 views

Debian: Security Advisory (DSA-4629-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.65336EPSS
Exploits9References4
Debian
Debian
added 2020/02/19 8:16 a.m.35 views

[SECURITY] [DSA 4629-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4629-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 19, 2020 https://www.debian.org/security/faq -...

7.5CVSS2.3AI score0.65336EPSS
Exploits9
Debian
Debian
added 2020/02/19 8:16 a.m.77 views

[SECURITY] [DSA 4629-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4629-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 19, 2020 https://www.debian.org/security/faq -...

9.8CVSS9.6AI score0.65336EPSS
Exploits9
vulnersOsv
vulnersOsv
added 2020/02/11 9:3 p.m.3 views

allianceauth (>=2.1.0 <=2.1.1), beanstalk-dispatch (>=0.0.3 <=0.0.5) +229 more potentially affected by CVE-2020-7471 via django (>=2.0.0 <=2.2.1)

django PYPI version =2.0.0, =2.1.0, =0.0.3, =0.1.0, =0.1.0, =0.1.0, =0.5.0, =3.0.0, =2.1.0, =0.0.1, =0.0.29 - dj-nexmo =0.0.2 and more Source cves: CVE-2020-7471 Source advisory: OSV:GHSA-HMR4-M2H5-33QX...

9.8CVSS6.7AI score0.65336EPSS
Exploits9
OpenVAS
OpenVAS
added 2020/02/05 12:0 a.m.77 views

Django 1.11.x < 1.11.28, 2.2.x < 2.2.10, 3.0.x < 3.0.3 SQL Injection Vulnerability - Linux

Django is prone to an SQL injection vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if...

9.8CVSS9.9AI score0.65336EPSS
Exploits9References1
NVD
NVD
added 2020/02/03 12:15 p.m.16 views

CVE-2020-7471

Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter. By passing a suitably crafted delimiter...

9.8CVSS9.7AI score0.65336EPSS
Exploits9References12
vulnersOsv
vulnersOsv
added 2020/02/03 12:15 p.m.3 views

capreolus (>=0.1.0 <=0.1.1), django-basic-auth-ip-whitelist (=0.2.0) +18 more potentially affected by CVE-2020-7471 via django (>=2.2.0 <=2.2.1)

django PYPI version =2.2.0, =0.1.0, =0.0.1, =0.0.1, =0.0.1, =0.0.2, =0.0.16 - ibm-db-django =1.3.0.0 - irekua-database =0.1.0 and more Source cves: CVE-2020-7471 Source advisory: OSV:PYSEC-2020-35...

9.8CVSS6.7AI score0.65336EPSS
Exploits9
vulnersOsv
vulnersOsv
added 2020/02/03 12:15 p.m.7 views

argus-server (>=1.0.0 <=1.1.1), ariadne-extended (>=0.1.0 <=0.1.12) +152 more potentially affected by CVE-2020-7471 via django (>=3.0.0 <=3.0.2)

django PYPI version =3.0.0, =1.0.0, =0.1.0, =0.1.3, =0.18.0, =0.3.0, =2.8.0, =0.1.1, =0.0.1, =0.4.0, =3.0.1, =3.0.2 and more Source cves: CVE-2020-7471 Source advisory: OSV:PYSEC-2020-35...

9.8CVSS6.7AI score0.65336EPSS
Exploits9
Rows per page
Query Builder