Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.40 views

Mandriva Linux Security Advisory : python-django (MDVSA-2015:109)

Updated python-django packages fix security vulnerabilities : Jedediah Smith discovered that Django incorrectly handled underscores in WSGI headers. A remote attacker could possibly use this issue to spoof headers in certain environments CVE-2015-0219. Mikko Ohtamaa discovered that Django...

5CVSS5.7AI score0.06783EPSS
Exploits4References9
Debian CVE
Debian CVE
added 2015/01/16 4:0 p.m.26 views

CVE-2015-0222

ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when showhiddeninitial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries...

5CVSS6.7AI score0.0269EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/01/13 12:0 a.m.28 views

CVE-2015-0222

ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when showhiddeninitial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries...

5CVSS6AI score0.0269EPSS
Exploits0References3
Prion
Prion
added 2013/10/04 5:55 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in the AdminURLFieldWidget widget in contrib/admin/widgets.py in Django 1.5.x before 1.5.2 and 1.6.x before 1.6 beta 2 allows remote attackers to inject arbitrary web script or HTML via a URLField...

4.3CVSS6AI score0.0288EPSS
Exploits2References8Affected Software1
Debian CVE
Debian CVE
added 2013/10/04 5:0 p.m.18 views

CVE-2013-4249

Cross-site scripting XSS vulnerability in the AdminURLFieldWidget widget in contrib/admin/widgets.py in Django 1.5.x before 1.5.2 and 1.6.x before 1.6 beta 2 allows remote attackers to inject arbitrary web script or HTML via a URLField...

4.3CVSS5.5AI score0.0288EPSS
Exploits2
Rows per page
Query Builder