Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-15028

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00264EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-3818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py...

6.5CVSS6.2AI score0.00264EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/05/30 12:0 a.m.5 views

Debian: Security Advisory (DLA-4189-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.1AI score0.00264EPSS
Exploits0References2
Debian
Debian
added 2025/05/29 11:34 a.m.7 views

[SECURITY] [DLA 4189-1] webpy security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4189-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk May 29, 2025 https://wiki.debian.org/LTS -...

6.5CVSS7.3AI score0.00264EPSS
Exploits0
OSV
OSV
added 2025/05/29 12:0 a.m.2 views

DLA-4189-1 webpy - security update

Bulletin has no description...

6.5CVSS7.2AI score0.00264EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/05/29 12:0 a.m.6 views

Debian dla-4189 : python-webpy-doc - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4189 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4189-1 [email protected] https://www.debian.org/lts/security/...

6.5CVSS6.6AI score0.00264EPSS
Exploits0References4
OSV
OSV
added 2025/04/19 8:15 p.m.2 views

DEBIAN-CVE-2025-3818

A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

5.3CVSS6.1AI score0.00264EPSS
Exploits0References1
OSV
OSV
added 2025/04/19 8:15 p.m.6 views

CVE-2025-3818

A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

7.3AI score
Exploits0References5
NVD
NVD
added 2025/04/19 8:15 p.m.20 views

CVE-2025-3818

A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS0.00264EPSS
Exploits0References5
OSV
OSV
added 2025/04/19 8:15 p.m.3 views

UBUNTU-CVE-2025-3818

A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

6.3CVSS5.7AI score0.00264EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/04/19 7:31 p.m.33 views

CVE-2025-3818 webpy web.py db.py PostgresDB._process_insert_query sql injection

A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS0.00264EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/04/19 7:31 p.m.8 views

CVE-2025-3818 webpy web.py db.py PostgresDB._process_insert_query sql injection

A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS7.3AI score0.00264EPSS
Exploits0References4
CVE
CVE
added 2025/04/19 7:31 p.m.83 views

CVE-2025-3818

CVE-2025-3818 affects webpy (web.py) 0.70, specifically the PostgresDB._process_insert_query in web/db.py. The vulnerability arises from manipulation of the seqname argument, enabling SQL injection that can be exploited remotely. Multiple sources corroborate, including NVD/NVD-derived data and De...

6.5CVSS6.8AI score0.00264EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/04/19 7:31 p.m.4 views

CVE-2025-3818

A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS6.1AI score0.00264EPSS
Exploits0
CNNVD
CNNVD
added 2025/04/19 12:0 a.m.4 views

webpy 注入漏洞

webpy is a simple and powerful python web framework from webpy open source. An injection vulnerability exists in webpy version 0.70, which stems from an incorrect manipulation of the parameter seqname in the file web/db.py resulting in SQL injection...

6.5CVSS6.8AI score0.00264EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/04/15 12:0 a.m.8 views

PT-2025-17389

Name of the Vulnerable Software and Affected Versions webpy web.py version 0.70 Description A critical vulnerability was found in webpy web.py. The function PostgresDB. process insert query of the file web/db.py is affected. The manipulation of the argument seqname leads to SQL injection. It is...

6.5CVSS6.2AI score0.00264EPSS
Exploits0References24
Rows per page
Query Builder