ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB._process_insert_query of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | needs-triage | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needs-triage | |
| noble | needs-triage | |
| oracular | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
EPSS
6.5 Medium
CVSS2
6.3 Medium
CVSS3
Π‘Π²ΡΠ·Π°Π½Π½ΡΠ΅ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ
A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB._process_insert_query of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as critical, was found in webpy ...
A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB._process_insert_query of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡΡ ΡΡΠ½ΠΊΡΠΈΠΈ PostgresDB._process_insert_query() (file web/db.py) Π²Π΅Π±-ΡΡΠ΅ΠΉΠΌΠ²ΠΎΡΠΊΠ° ΡΠΎΠ·Π΄Π°Π½ΠΈΡ Π²Π΅Π±-ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠΉ web.py, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡΡΠ°Ρ Π½Π°ΡΡΡΠΈΡΠ΅Π»Ρ Π²ΡΠΏΠΎΠ»Π½ΠΈΡΡ ΠΏΡΠΎΠΈΠ·Π²ΠΎΠ»ΡΠ½ΡΠ΅ SQL-ΠΊΠΎΠΌΠ°Π½Π΄Ρ
EPSS
6.5 Medium
CVSS2
6.3 Medium
CVSS3