10 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-3818
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py...
DEBIAN-CVE-2025-3818
A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
UBUNTU-CVE-2025-3818
A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-3818 webpy web.py db.py PostgresDB._process_insert_query sql injection
A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-3818
CVE-2025-3818 affects webpy (web.py) 0.70, specifically the PostgresDB._process_insert_query in web/db.py. The vulnerability arises from manipulation of the seqname argument, enabling SQL injection that can be exploited remotely. Multiple sources corroborate, including NVD/NVD-derived data and De...
CVE-2025-3818 webpy web.py db.py PostgresDB._process_insert_query sql injection
A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-3818
A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
PT-2025-17389
Name of the Vulnerable Software and Affected Versions: webpy web.py version 0.70 Description: A critical vulnerability was found in webpy web.py. The function PostgresDB. process insert query of the file web/db.py is affected. The manipulation of the argument seqname leads to SQL injection. It is...
phpMyFAQ SQL Injection at "Save News"
Summary A SQL injection vulnerability has been discovered in the the "Add News" functionality due to improper escaping of the email address. This allows any authenticated user with the rights to add/edit FAQ news to exploit this vulnerability to exfiltrate data, take over accounts and in some...
GHSA-QGXX-4XV5-6HCW phpMyFAQ SQL Injection at "Save News"
Summary A SQL injection vulnerability has been discovered in the the "Add News" functionality due to improper escaping of the email address. This allows any authenticated user with the rights to add/edit FAQ news to exploit this vulnerability to exfiltrate data, take over accounts and in some...