Lucene search
K

4 matches found

NVD
NVD
added 2023/04/19 12:15 a.m.40 views

CVE-2023-30552

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sql/instance.py endpoint's describe method. In several cases, user...

6.5CVSS6.8AI score0.00835EPSS
Exploits1References1
Prion
Prion
added 2023/04/19 12:15 a.m.21 views

Sql injection

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sql/instance.py endpoint's describe method. In several cases, user...

4CVSS6.8AI score0.00835EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/04/18 10:35 p.m.42 views

CVE-2023-30552 SQL injection in sql/instance.py endpoint in Archery - GHSL-2022-101

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sql/instance.py endpoint's describe method. In several cases, user...

6.5CVSS7AI score0.00835EPSS
Exploits1References1
CVE
CVE
added 2023/04/18 10:35 p.m.53 views

CVE-2023-30552

CVE-2023-30552 concerns Archery, an open source SQL audit platform. The provided documents describe multiple SQL injection vulnerabilities in the Archery project, specifically in the sql/instance.py endpoint’s describe method. The root cause is unsafe concatenation of user input (tb_name, db_name...

6.5CVSS6.8AI score0.00835EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder