Lucene search
K

6 matches found

NVD
NVD
added 2023/04/19 12:15 a.m.37 views

CVE-2023-30554

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...

6.5CVSS6.9AI score0.00835EPSS
Exploits1References1
Prion
Prion
added 2023/04/19 12:15 a.m.22 views

Sql injection

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...

4CVSS6.8AI score0.00835EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/18 10:35 p.m.7 views

CVE-2023-30554 SQL injection in sql_api/api_workflow.py endpoint in Archery - GHSL-2022-103

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...

6.5CVSS6.9AI score0.00835EPSS
Exploits1References1
CVE
CVE
added 2023/04/18 10:35 p.m.45 views

CVE-2023-30554

CVE-2023-30554 affects Archery, an open-source SQL audit platform. The vulnerability concerns multiple SQL injection flaws in the sql_api/api_workflow.py endpoint ExecuteCheck, where unfiltered input from the db_name parameter is passed through to explain_check in sql/engines/oracle.py. This chai...

6.5CVSS6.9AI score0.00835EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/04/18 10:35 p.m.35 views

CVE-2023-30554 SQL injection in sql_api/api_workflow.py endpoint in Archery - GHSL-2022-103

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...

6.5CVSS7.1AI score0.00835EPSS
Exploits1References1
OSV
OSV
added 2023/04/18 10:35 p.m.26 views

CVE-2023-30554 SQL injection in sql_api/api_workflow.py endpoint in Archery - GHSL-2022-103

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...

6.5CVSS7.3AI score0.00835EPSS
Exploits1References3
Rows per page
Query Builder