8 matches found
EUVD-2021-1312
Malware in sbrugna...
EUVD-2021-0934
Malware in sbrugna...
CVE-2022-1464
Stored XSS bug in GitHub repository gogs/gogs prior to 0.12.7. As the repo is public, any user can view the report, and when the attachment is opened the XSS is executed. This bug allows execution of any JavaScript code in the victim's account...
CVE-2024-39932
Gogs through 0.13.0 allows argument injection during the previewing of changes...
UBUNTU-CVE-2022-0415
Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6...
PT-2018-14725 · Go Gitea · Gogs
Name of the Vulnerable Software and Affected Versions: Gogs version 0.11.66. Description: The issue allows remote code execution due to improper validation of session IDs. This can be exploited through a ".." session-file forgery in the file session provider, specifically in the file.go file. The...
PT-2018-12939 · Gogs +1 · Gogs +1
Name of the Vulnerable Software and Affected Versions: Gitea versions through 1.5.0-rc2; Gogs versions through 0.11.53. Description: A Server-Side Request Forgery (SSRF) issue in webhooks affects Gitea and Gogs, allowing remote attackers to access intranet services. Recommendations: For Gitea version...
CVE-2014-8682
Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/repo.go, or (2) api/v1/users/search, which is...