Количество 2
Количество 2
CVE-2014-8682
Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/repo.go, or (2) api/v1/users/search, which is not properly handled in models/user.go.
GHSA-g6xv-8q23-w2q3
SQL Injection in Gogs
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2014-8682 Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/repo.go, or (2) api/v1/users/search, which is not properly handled in models/user.go. | CVSS2: 7.5 | 67% Средний | около 11 лет назад |
| GHSA-g6xv-8q23-w2q3 SQL Injection in Gogs | CVSS3: 7.3 | 67% Средний | больше 4 лет назад |
Уязвимостей на страницу