6 matches found
EUVD-2023-34984
Malicious code in bioql PyPI...
EUVD-2023-34938
Malicious code in bioql PyPI...
CVE-2023-30552
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sql/instance.py endpoint's describe method. In several cases, user...
Sql injection
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...
CVE-2023-30556 SQL injection in sql_optimize.py optimize_sqltuningadvisor method in Archery - GHSL-2022-107
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the optimizesqltuningadvisor method of sqloptimize.py. User input comin...
CVE-2023-30553 Multiple SQL injections in sql_api/api_workflow.py endpoint in Archery - GHSL-2022-102
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to multiple SQL injections in the sqlapi/apiworkflow.py endpoint ExecuteCheck. User input...