Lucene search
K

29 matches found

Tenable Nessus
Tenable Nessus
added 2015/07/17 12:0 a.m.32 views

Debian DLA-272-1 : python-django security update

Several vulnerabilities were discovered in Django, a high-level Python web development framework : CVE-2015-2317 Daniel Chatfield discovered that python-django, a high-level Python web development framework, incorrectly handled user-supplied redirect URLs. A remote attacker could use this flaw to...

7.8CVSS7.6AI score0.07266EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/07/09 12:0 a.m.37 views

Debian DSA-3305-1 : python-django - security update

Several vulnerabilities were discovered in Django, a high-level Python web development framework : - CVE-2015-5143 Eric Peterson and Lin Hua Cheng discovered that a new empty record used to be created in the session storage every time a session was accessed and an unknown session key was provided...

7.8CVSS7.5AI score0.07266EPSS
Exploits0References7
Debian
Debian
added 2015/03/24 7:30 p.m.39 views

[SECURITY] [DSA 3204-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3204-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 24, 2015 http://www.debian.org/security/faq -...

4.3CVSS5.7AI score0.05026EPSS
Exploits0
Packet Storm
Packet Storm
added 2015/03/03 12:0 a.m.27 views

BEdita CMS 3.5.1 Cross Site Scripting

Affected software: BEdita CMS Type of vulnerability: cross site scripting URL: bedita.com Discovered by: Provensec Website: http://www.provensec.com Description: BEdita is a web development framework that comes with a full featured CMS out of the box. Proof of concept javascript executes on login...

Exploits0
Tenable Nessus
Tenable Nessus
added 2013/09/12 12:0 a.m.40 views

Debian DSA-2755-1 : python-django - directory traversal

Rainer Koirikivi discovered a directory traversal vulnerability with'ssi' template tags in python-django, a high-level Python web development framework. It was shown that the handling of the 'ALLOWEDINCLUDEROOTS' setting, used to represent allowed prefixes for the % ssi % template tag, is...

5CVSS5.5AI score0.03182EPSS
Exploits2References4
securityvulns
securityvulns
added 2011/02/15 12:0 a.m.93 views

[SECURITY] [DSA 2163-1] python-django security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2163-1 [email protected] http://www.debian.org/security/ Nico Golde February 14, 2011 http://www.debian.org/security/faq -...

6.8CVSS0.2AI score0.01774EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/02/15 12:0 a.m.31 views

Debian DSA-2163-1 : python-django - multiple vulnerabilities

Several vulnerabilities were discovered in the Django web development framework : - CVE-2011-0696 For several reasons the internal CSRF protection was not used to validate AJAX requests in the past. However, it was discovered that this exception can be exploited with a combination of browser...

6.8CVSS6.8AI score0.01774EPSS
Exploits0References6
myhack58
myhack58
added 2010/10/19 12:0 a.m.23 views

Phpcms 2 0 0 8 two SQL injection vulnerabilities-vulnerability warning-the black bar safety net

Phpcms is a leading web content management system, but also is an open-source PHP development framework. SQL injectiona In the file api/space. api. php: $arrcontent = $content-listinfo"userid='$userid'", $order, 1, 1 0; //line 7 Listinfo function in the file include/admin/ content. class. php:...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2006/04/05 12:0 a.m.51 views

[ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion

/ / | | / // / | | Y / | / / /| / / / / / / .OR.ID ECHOADV27$2006 --------------------------------------------------------------------------- ECHOADV27$2006 AngelineCMS 0.8.1 Installpath Remote File Inclusion --------------------------------------------------------------------------- Author :...

0.2AI score
Exploits0
Rows per page
Query Builder