Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/com.xnx3.wangmarket/wangmarket@6.1.0

Type maven

Namespace com.xnx3.wangmarket

Name wangmarket

Version 6.1.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url VCID-at76-vmzh-sbat

vulnerability_id VCID-at76-vmzh-sbat

summary

Improper Control of Generation of Code ('Code Injection')
A vulnerability was found in xnx3 wangmarket 6.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Role Management Page. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248246 is the identifier assigned to this vulnerability.

references

reference_url	https://github.com/xnx3/wangmarket/issues/8
reference_id
reference_type
scores
url	https://github.com/xnx3/wangmarket/issues/8

reference_url	https://vuldb.com/?ctiid.248246
reference_id
reference_type
scores
url	https://vuldb.com/?ctiid.248246

reference_url	https://vuldb.com/?id.248246
reference_id
reference_type
scores
url	https://vuldb.com/?id.248246

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-6886
reference_id	CVE-2023-6886
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-6886

reference_url	https://github.com/advisories/GHSA-3x3w-849q-423v
reference_id	GHSA-3x3w-849q-423v
reference_type
scores
url	https://github.com/advisories/GHSA-3x3w-849q-423v

fixed_packages

aliases CVE-2023-6886, GHSA-3x3w-849q-423v

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-at76-vmzh-sbat

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.xnx3.wangmarket/wangmarket@6.1.0

Package Instance