12 matches found
CVE-2026-6609 liangliangyy DjangoBlog views.py form_valid improper authorization
A flaw has been found in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function form_valid of the file oauth/views.py. This manipulation of the argument oauthid causes improper authorization. The attack may be initiated remotely. The exploit has been published and may be used...
DjangoBlog Security Vulnerability
DjangoBlog is a blog system developed by liangliangyy using Django. Versions of DjangoBlog 2.1.0.0 and earlier have security vulnerabilities. These vulnerabilities stem from incorrect handling of the oauthid parameter in the oauth/views.py file, which may lead to improper authorization...
CVE-2026-6579 liangliangyy DjangoBlog Clean Endpoint views.py missing authentication
A weakness has been identified in liangliangyy DjangoBlog up to 2.1.0.0. This impacts an unknown function of the file blog/views.py of the component Clean Endpoint. This manipulation causes missing authentication. The attack may be initiated remotely. The exploit has been made available to the...
CVE-2026-2153 mwielgoszewski doorman views.py is_safe_url redirect
A vulnerability was determined in mwielgoszewski doorman up to 0.6. This issue affects the function is_safe_url of the file doorman/users/views.py. Executing a manipulation of the argument Next can lead to open redirect. The attack may be launched remotely. The exploit has been publicly disclosed a...
CVE-2025-60915
An issue in the size query parameter /views/file.py of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute a path traversal via a crafted request...
CVE-2025-60915
CVE-2025-60915 affects Austrian Openatlas: an issue in the size query parameter of /views/file.py allows path traversal with a crafted request in versions before v8.12.0. Impact is access to restricted paths; remediation is upgrading to v8.12.0 or later (no exploitation details provided in the do...
EUVD-2025-27095
Malicious code in bioql PyPI...
CVE-2024-8571
A vulnerability was found in erjemin rollcms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It has been classified as problematic. This affects an unknown part of the file rollcms/rollcms/views.py. The manipulation leads to information exposure through error message. This product takes the...
PT-2023-10239 · Unknown · Mnbikeways Database
Name of the Vulnerable Software and Affected Versions: MNBikeways database, affected versions not specified. Description: A critical issue was found in the MNBikeways database, affecting the processing of the file Data/views.py. The manipulation of the id1/id2 argument leads to SQL injection...
PYSEC-2021-145
XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/core/content/views.py'...
ZoneMinder 'web/views/file.php' local file inclusion vulnerability
Zoneminder is an open source web application on a centralized server that, in versions 1.0-1.30.0, allows authenticated attackers to read the local file system (e.g., /etc/passwd)...