Computer Security
[EN] securityvulns.ru no-pyccku


SQLAlchemy SQL injection
Published:19.04.2012
Source:
SecurityVulns ID:12326
Type:library
Threat Level:
5/10
Description:SQL request data is not checked
Affected:SQLALCHEMY : SQLAlchemy 0.6
CVE:CVE-2012-0805 (Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function.)
Original documentdocumentMANDRIVA, [ MDVSA-2012:059 ] python-sqlalchemy (19.04.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod