11 matches found
EUVD-2023-29919
Malicious code in bioql PyPI...
CVE-2023-26033
Gentoo soko is the code that powers packages.gentoo.org. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects in user preferences the "Recently Visited Packages" view for the index page, the value of the searchhistory cookie is used as a...
Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution
Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution RCE on vulnerable systems. "These SQL injections happened despite the use of an Object-Relational Mapping ORM library and prepared statements," SonarSource researcher Thomas...
Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution
Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution RCE on vulnerable systems. "These SQL injections happened despite the use of an Object-Relational Mapping ORM library and prepared statements," SonarSource researcher Thomas...
Gentoo SQL注入漏洞
Gentoo is an open source Linux system from the Gentoo Foundation. A SQL injection vulnerability exists in Gentoo Soko versions prior to 1.0.2, which stems from a SQL injection vulnerability found in pkg/app/handler/packages/search.go...
CVE-2023-26033
Gentoo soko is the code that powers packages.gentoo.org. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects in user preferences the "Recently Visited Packages" view for the index page, the value of the searchhistory cookie is used as a...
Sql injection
Gentoo soko is the code that powers packages.gentoo.org. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects in user preferences the "Recently Visited Packages" view for the index page, the value of the searchhistory cookie is used as a...
Gentoo SQL注入漏洞
Gentoo is an open source Linux system from the Gentoo Foundation. A security vulnerability exists in Gentoo soko versions prior to 1.0.1, which stems from the presence of a SQL injection vulnerability that can be exploited by an attacker to cause a denial of service...
CVE-2023-26033 Gentoo soko contains DoS attack based on SQL Injection
Gentoo soko is the code that powers packages.gentoo.org. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects in user preferences the "Recently Visited Packages" view for the index page, the value of the searchhistory cookie is used as a...
CVE-2023-26033 Gentoo soko contains DoS attack based on SQL Injection
Gentoo soko is the code that powers packages.gentoo.org. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects in user preferences the "Recently Visited Packages" view for the index page, the value of the searchhistory cookie is used as a...
CVE-2023-26033 Gentoo soko contains DoS attack based on SQL Injection
Gentoo soko is the code that powers packages.gentoo.org. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects in user preferences the "Recently Visited Packages" view for the index page, the value of the searchhistory cookie is used as a...