25 matches found
EUVD-2021-0052
Malware in sbrugna...
EUVD-2022-5208
Malicious code in bioql PyPI...
MAL-2024-10239 Malicious code in debug-toolbar (PyPI)
Source: kam193 57a187231b24ff90938749793a1f8f768e606a7fe5da9d2c6d74510419c14ed0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...
Malicious code in debug-toolbar (PyPI)
Source: kam193 57a187231b24ff90938749793a1f8f768e606a7fe5da9d2c6d74510419c14ed0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...
OPENSUSE-SU-2024:14137-1 python310-django-debug-toolbar-4.3-1.2 on GA media
These are all security issues fixed in the python310-django-debug-toolbar-4.3-1.2 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2021-30459
A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form...
GHSA-RP89-32RP-QPQ2 Pagekit Weak Password Recovery Mechanism for Forgotten Password
An issue was discovered in Pagekit CMS before 1.0.11. In this vulnerability the remote attacker is able to reset the registered user's password, when the debug toolbar is enabled. The password is successfully recovered using this exploit. The SecureLayer7 ID is SL7PGKT01...
label-studio (>=1.1.0 <=1.2.0), thenewboston-ml-dev (=0.2.3) potentially affected by CVE-2021-30459 via django-debug-toolbar (=3.2.0)
django-debug-toolbar PYPI version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on django-debug-toolbar and may be impacted: - label-studio =1.1.0, =1.2.0 - thenewboston-ml-dev =0.2.3 Source cves: CVE-2021-30459 Source advisory:...
mc4ep-lavender (>=0.8.0 <=0.17.0), muses-lpdp (>=0.2.2 <=0.4.0rc1590080566) +2 more potentially affected by CVE-2021-30459 via django-debug-toolbar (>=2.1.0 <=2.2.0)
django-debug-toolbar PYPI version =2.1.0, =0.8.0, =0.2.2, =0.1.2, =0.1.6 Source cves: CVE-2021-30459 Source advisory: OSV:GHSA-PGHF-347X-C2GJ...
GHSA-PGHF-347X-C2GJ SQL Injection via in django-debug-toolbar
Impact: With Django Debug Toolbar, attackers are able to execute SQL by changing the raw_sql input of the SQL explain, analyze or select forms and submitting the form. NOTE: This is a high severity issue for anyone using the toolbar in a production environment. Generally the Django Debug Toolbar tea...
CVE-2021-30459
A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form...
CVE-2021-30459
A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form...
PYSEC-2021-10
A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form...
SQL injection
A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form...
label-studio (>=1.1.0 <=1.2.0), thenewboston-ml-dev (=0.2.3) potentially affected by CVE-2021-30459 via django-debug-toolbar (=3.2.0)
django-debug-toolbar PYPI version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on django-debug-toolbar and may be impacted: - label-studio =1.1.0, =1.2.0 - thenewboston-ml-dev =0.2.3 Source cves: CVE-2021-30459 Source advisory: OSV:PYSEC-2021-10...
mc4ep-lavender (>=0.8.0 <=0.17.0), muses-lpdp (>=0.2.2 <=0.4.0rc1590080566) +2 more potentially affected by CVE-2021-30459 via django-debug-toolbar (>=2.1.0 <=2.2.0)
django-debug-toolbar PYPI version =2.1.0, =0.8.0, =0.2.2, =0.1.2, =0.1.6 Source cves: CVE-2021-30459 Source advisory: OSV:PYSEC-2021-10...
PYSEC-2021-10
A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form...
CVE-2021-30459
CVE-2021-30459 affects Django Debug Toolbar (Jazzband) with a SQL injection in the SQL Panel. The vulnerability allows attackers to execute arbitrary SQL by modifying the raw_sql input in the SQL explain, analyze, or select forms. Affected versions are Django Debug Toolbar before 1.11.1, 2.x befo...
CVE-2021-30459
A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form...
Django SQL injection vulnerability
Django is an open source web application framework from the Django Foundation, based on the Python language. The framework includes an object-oriented mapper, view system, template system, and more. An SQL injection vulnerability exists in Django Debug Toolbar, which can be exploited by an...