11 matches found
EUVD-2023-2596
Malicious code in bioql PyPI...
CVE-2023-42454
SQLpage is a SQL-only webapp builder. Someone using SQLpage versions prior to 0.11.1, whose SQLpage instance is exposed publicly, with a database connection string specified in the sqlpage/sqlpage.json configuration file not in an environment variable, with the webroot is the current working...
SQLpage vulnerable to public exposure of database credentials
Impact If - you are using a SQLPage version older than v0.11.1 - your SQLPage instance is exposed publicly - the database connection string is specified in the sqlpage/sqlpage.json configuration file not in an environment variable - the webroot is the current working directory the default - your...
GHSA-V5WF-JG37-R9M5 SQLpage vulnerable to public exposure of database credentials
Impact If - you are using a SQLPage version older than v0.11.1 - your SQLPage instance is exposed publicly - the database connection string is specified in the sqlpage/sqlpage.json configuration file not in an environment variable - the webroot is the current working directory the default - your...
CVE-2023-42454
SQLpage is a SQL-only webapp builder. Someone using SQLpage versions prior to 0.11.1, whose SQLpage instance is exposed publicly, with a database connection string specified in the sqlpage/sqlpage.json configuration file not in an environment variable, with the webroot is the current working...
Design/Logic Flaw
SQLpage is a SQL-only webapp builder. Someone using SQLpage versions prior to 0.11.1, whose SQLpage instance is exposed publicly, with a database connection string specified in the sqlpage/sqlpage.json configuration file not in an environment variable, with the webroot is the current working...
CVE-2023-42454
SQLpage CVE-2023-42454 affects versions before 0.11.1 where an exposed SQLPage instance stores the database connection string in sqlpage/sqlpage.json and the web_root is the default, allowing an attacker who can access the instance and the database to retrieve credentials and connect directly. Th...
CVE-2023-42454 SQLpage vulnerable to public exposure of database credentials
SQLpage is a SQL-only webapp builder. Someone using SQLpage versions prior to 0.11.1, whose SQLpage instance is exposed publicly, with a database connection string specified in the sqlpage/sqlpage.json configuration file not in an environment variable, with the webroot is the current working...
CVE-2023-42454 SQLpage vulnerable to public exposure of database credentials
SQLpage is a SQL-only webapp builder. Someone using SQLpage versions prior to 0.11.1, whose SQLpage instance is exposed publicly, with a database connection string specified in the sqlpage/sqlpage.json configuration file not in an environment variable, with the webroot is the current working...
CVE-2023-42454 SQLpage vulnerable to public exposure of database credentials
SQLpage is a SQL-only webapp builder. Someone using SQLpage versions prior to 0.11.1, whose SQLpage instance is exposed publicly, with a database connection string specified in the sqlpage/sqlpage.json configuration file not in an environment variable, with the webroot is the current working...
SQLpage Information Disclosure Vulnerability
SQLpage is an SQL-only web application builder. It is designed to help data scientists, analysts, and business intelligence teams quickly build powerful data-centric applications without having to worry about any traditional Web programming languages and concepts. An information disclosure...