4 matches found
CVE-2023-30552
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sql/instance.py endpoint's describe method. In several cases, user...
Sql injection
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sql/instance.py endpoint's describe method. In several cases, user...
CVE-2023-30552 SQL injection in sql/instance.py endpoint in Archery - GHSL-2022-101
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sql/instance.py endpoint's describe method. In several cases, user...
CVE-2023-30552
CVE-2023-30552 concerns Archery, an open source SQL audit platform. The provided documents describe multiple SQL injection vulnerabilities in the Archery project, specifically in the sql/instance.py endpoint’s describe method. The root cause is unsafe concatenation of user input (tb_name, db_name...