6 matches found
CVE-2023-30554
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...
Sql injection
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...
CVE-2023-30554 SQL injection in sql_api/api_workflow.py endpoint in Archery - GHSL-2022-103
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...
CVE-2023-30554
CVE-2023-30554 affects Archery, an open-source SQL audit platform. The vulnerability concerns multiple SQL injection flaws in the sql_api/api_workflow.py endpoint ExecuteCheck, where unfiltered input from the db_name parameter is passed through to explain_check in sql/engines/oracle.py. This chai...
CVE-2023-30554 SQL injection in sql_api/api_workflow.py endpoint in Archery - GHSL-2022-103
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...
CVE-2023-30554 SQL injection in sql_api/api_workflow.py endpoint in Archery - GHSL-2022-103
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...