Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-kp2p-nbmg-ufen
Summary
SQL Injection in TYPO3 Frontend Login
Failing to properly escape user input, the frontend login component is vulnerable to SQL Injection. A valid frontend user account is needed to exploit this vulnerability.
Aliases
0
alias GHSA-j86x-pjmr-9m6w
Fixed_packages
0
url pkg:composer/typo3/cms@6.2.26
purl pkg:composer/typo3/cms@6.2.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dxs-cdht-27hw
1
vulnerability VCID-5hm4-ms5p-uuae
2
vulnerability VCID-727q-h3ey-6yc9
3
vulnerability VCID-8jcy-3kje-fqeh
4
vulnerability VCID-eutz-mj58-audb
5
vulnerability VCID-ev4k-5k1d-2bhu
6
vulnerability VCID-fqkx-v8t5-q3h6
7
vulnerability VCID-h217-xe8x-nua3
8
vulnerability VCID-h7hf-sf2q-73ay
9
vulnerability VCID-nqqc-nkwq-rqhx
10
vulnerability VCID-p7gd-anw2-1qbz
11
vulnerability VCID-tgyt-axv1-c7ag
12
vulnerability VCID-vq15-t92r-5bhx
13
vulnerability VCID-xw1s-93bu-wuh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.26
1
url pkg:composer/typo3/cms@7.6.10
purl pkg:composer/typo3/cms@7.6.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ugj-6m1e-e3hr
1
vulnerability VCID-5dxs-cdht-27hw
2
vulnerability VCID-5hm4-ms5p-uuae
3
vulnerability VCID-66ru-n2df-b3ay
4
vulnerability VCID-727q-h3ey-6yc9
5
vulnerability VCID-8jcy-3kje-fqeh
6
vulnerability VCID-953t-q1cr-zyd6
7
vulnerability VCID-9saf-w56y-pugz
8
vulnerability VCID-abjx-8v46-d7d8
9
vulnerability VCID-dsqm-9q3e-dudw
10
vulnerability VCID-e564-zdku-9fc6
11
vulnerability VCID-eutz-mj58-audb
12
vulnerability VCID-ev4k-5k1d-2bhu
13
vulnerability VCID-fdnw-2tz5-4fdr
14
vulnerability VCID-fqkx-v8t5-q3h6
15
vulnerability VCID-h217-xe8x-nua3
16
vulnerability VCID-h7cg-64er-uya9
17
vulnerability VCID-h7hf-sf2q-73ay
18
vulnerability VCID-hp99-ncuh-6ugv
19
vulnerability VCID-jp1p-rfxa-hyd9
20
vulnerability VCID-jq5y-7h9g-mufa
21
vulnerability VCID-jqe4-8hzb-mfea
22
vulnerability VCID-mctp-nf36-7qdn
23
vulnerability VCID-njsj-bwjq-fyap
24
vulnerability VCID-p7gd-anw2-1qbz
25
vulnerability VCID-sy7r-d6pv-yba9
26
vulnerability VCID-tgyt-axv1-c7ag
27
vulnerability VCID-vq15-t92r-5bhx
28
vulnerability VCID-xh68-defe-f7ce
29
vulnerability VCID-xw1s-93bu-wuh9
30
vulnerability VCID-ygw4-jdqu-4fbt
31
vulnerability VCID-yz6t-ge1y-qfgr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.10
Affected_packages
0
url pkg:composer/typo3/cms@6.2.0
purl pkg:composer/typo3/cms@6.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1efr-h9gq-r7h1
1
vulnerability VCID-1u4r-r97q-3yfk
2
vulnerability VCID-1usv-hs5c-akb2
3
vulnerability VCID-2f2m-tcjn-fyby
4
vulnerability VCID-2r7u-mc45-8yhe
5
vulnerability VCID-39jx-muqb-nkfq
6
vulnerability VCID-3ump-aca5-g7b6
7
vulnerability VCID-4fse-74hb-x3c9
8
vulnerability VCID-4wnp-gusy-43b8
9
vulnerability VCID-5dxs-cdht-27hw
10
vulnerability VCID-5hm4-ms5p-uuae
11
vulnerability VCID-5ppx-p8eq-mbgk
12
vulnerability VCID-5ru2-1n1f-afa4
13
vulnerability VCID-6su8-bbrw-hbhp
14
vulnerability VCID-6u6t-uy5y-5fd6
15
vulnerability VCID-727q-h3ey-6yc9
16
vulnerability VCID-7n9x-c9gs-9yb3
17
vulnerability VCID-83y4-7q4j-h7f8
18
vulnerability VCID-88un-etsg-2qas
19
vulnerability VCID-8a22-muhx-13ek
20
vulnerability VCID-8jcy-3kje-fqeh
21
vulnerability VCID-8p64-6zpt-t3av
22
vulnerability VCID-8vum-snng-jfcv
23
vulnerability VCID-95wn-6r9b-q7et
24
vulnerability VCID-9899-uxyb-73gg
25
vulnerability VCID-a1kt-str6-rqec
26
vulnerability VCID-ansr-8m5j-pya6
27
vulnerability VCID-bstt-ybrs-5ua3
28
vulnerability VCID-c57c-akce-xufq
29
vulnerability VCID-cgqm-1wwf-kbg6
30
vulnerability VCID-dd9u-w2y2-87h9
31
vulnerability VCID-dw8z-wtph-skey
32
vulnerability VCID-dwjk-7sqh-hqa8
33
vulnerability VCID-dyhd-5p1e-fya6
34
vulnerability VCID-e1gr-txgg-fqa6
35
vulnerability VCID-e1ms-4r4s-g7e7
36
vulnerability VCID-e2bk-pfbe-puek
37
vulnerability VCID-e82x-2cdb-7fgn
38
vulnerability VCID-ebku-sk43-m7bf
39
vulnerability VCID-ec17-eauu-67d3
40
vulnerability VCID-ekvp-u4kk-kqdd
41
vulnerability VCID-eutz-mj58-audb
42
vulnerability VCID-ev4k-5k1d-2bhu
43
vulnerability VCID-exjy-5cyn-zfg1
44
vulnerability VCID-fgn1-hswd-ekdf
45
vulnerability VCID-fgqa-5fx9-nkaz
46
vulnerability VCID-fqkx-v8t5-q3h6
47
vulnerability VCID-g7mm-vjbw-bbhd
48
vulnerability VCID-g9ns-sxkx-aqh1
49
vulnerability VCID-gbdn-7ce2-zuf7
50
vulnerability VCID-h217-xe8x-nua3
51
vulnerability VCID-h7hf-sf2q-73ay
52
vulnerability VCID-hm4k-wbq3-r7ej
53
vulnerability VCID-huxd-2e6q-abak
54
vulnerability VCID-hzma-cduk-3uhp
55
vulnerability VCID-j6x1-dfre-2bdq
56
vulnerability VCID-jbkw-4x2d-fqcp
57
vulnerability VCID-jenc-czvj-g3gw
58
vulnerability VCID-jeqr-9tfu-f7b2
59
vulnerability VCID-jf28-91be-6kbr
60
vulnerability VCID-jmea-qzsr-wkf4
61
vulnerability VCID-jn38-wfec-7bb2
62
vulnerability VCID-jx9x-wxwq-5khx
63
vulnerability VCID-kj76-rsr8-yqb3
64
vulnerability VCID-kp2p-nbmg-ufen
65
vulnerability VCID-kqu8-8c1n-73hr
66
vulnerability VCID-ks1q-a8x2-uqht
67
vulnerability VCID-m3nc-xbb4-yubr
68
vulnerability VCID-n18b-qe5x-z7cj
69
vulnerability VCID-n326-yy8y-xuap
70
vulnerability VCID-nhjv-nke2-2kf8
71
vulnerability VCID-nqqc-nkwq-rqhx
72
vulnerability VCID-nvbp-pbjw-3qgx
73
vulnerability VCID-p7gd-anw2-1qbz
74
vulnerability VCID-q5f3-nhjn-hyb4
75
vulnerability VCID-qek9-g3h8-nfdz
76
vulnerability VCID-r6hu-hvdh-abb1
77
vulnerability VCID-rae3-cugy-hbh5
78
vulnerability VCID-rm7r-1pqj-3fbs
79
vulnerability VCID-rs13-zf7b-mka7
80
vulnerability VCID-s4re-vww7-sugb
81
vulnerability VCID-s97a-nmk8-y3ay
82
vulnerability VCID-sdz8-hju8-4bcb
83
vulnerability VCID-sn8n-mawq-3uht
84
vulnerability VCID-tgyt-axv1-c7ag
85
vulnerability VCID-u37d-tqqe-n7d4
86
vulnerability VCID-u4tq-8qnk-5fd7
87
vulnerability VCID-u6h1-ccgw-jqds
88
vulnerability VCID-ub3e-hrb1-wqac
89
vulnerability VCID-v2qy-dbf2-bffn
90
vulnerability VCID-vq15-t92r-5bhx
91
vulnerability VCID-w58p-3wg1-7ycr
92
vulnerability VCID-w65h-8a9d-ckgj
93
vulnerability VCID-wk4s-4bcd-2yb5
94
vulnerability VCID-wms8-dnuz-b3hc
95
vulnerability VCID-x175-xjek-97ds
96
vulnerability VCID-xpxg-qq49-b7fd
97
vulnerability VCID-xt7m-u9eb-fyd9
98
vulnerability VCID-xw1s-93bu-wuh9
99
vulnerability VCID-y1ap-y4az-x7ec
100
vulnerability VCID-yn6z-9v7k-x7br
101
vulnerability VCID-yphc-ujay-7fcs
102
vulnerability VCID-ys6f-g39p-fkfc
103
vulnerability VCID-zhvz-jzf3-2uac
104
vulnerability VCID-zpxz-291y-x3c7
105
vulnerability VCID-zqe5-53je-mfaw
106
vulnerability VCID-zru2-9g25-77dc
107
vulnerability VCID-zrz3-3dnf-tbay
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.0
1
url pkg:composer/typo3/cms@7.6.0
purl pkg:composer/typo3/cms@7.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2r7u-mc45-8yhe
1
vulnerability VCID-2vpx-fqb6-aqfa
2
vulnerability VCID-39jx-muqb-nkfq
3
vulnerability VCID-3ugj-6m1e-e3hr
4
vulnerability VCID-4wnp-gusy-43b8
5
vulnerability VCID-5dxs-cdht-27hw
6
vulnerability VCID-5hm4-ms5p-uuae
7
vulnerability VCID-5ppx-p8eq-mbgk
8
vulnerability VCID-5u2f-5zzf-j3e4
9
vulnerability VCID-66ru-n2df-b3ay
10
vulnerability VCID-6su8-bbrw-hbhp
11
vulnerability VCID-727q-h3ey-6yc9
12
vulnerability VCID-8jcy-3kje-fqeh
13
vulnerability VCID-8p64-6zpt-t3av
14
vulnerability VCID-953t-q1cr-zyd6
15
vulnerability VCID-9726-hafj-wkay
16
vulnerability VCID-9saf-w56y-pugz
17
vulnerability VCID-abjx-8v46-d7d8
18
vulnerability VCID-ansr-8m5j-pya6
19
vulnerability VCID-bstt-ybrs-5ua3
20
vulnerability VCID-dd9u-w2y2-87h9
21
vulnerability VCID-dsqm-9q3e-dudw
22
vulnerability VCID-e564-zdku-9fc6
23
vulnerability VCID-e82x-2cdb-7fgn
24
vulnerability VCID-ekvp-u4kk-kqdd
25
vulnerability VCID-eutz-mj58-audb
26
vulnerability VCID-ev4k-5k1d-2bhu
27
vulnerability VCID-exjy-5cyn-zfg1
28
vulnerability VCID-fdnw-2tz5-4fdr
29
vulnerability VCID-fgqa-5fx9-nkaz
30
vulnerability VCID-fh61-7rfy-s3hg
31
vulnerability VCID-fqkx-v8t5-q3h6
32
vulnerability VCID-g7mm-vjbw-bbhd
33
vulnerability VCID-g9ns-sxkx-aqh1
34
vulnerability VCID-h217-xe8x-nua3
35
vulnerability VCID-h7cg-64er-uya9
36
vulnerability VCID-h7hf-sf2q-73ay
37
vulnerability VCID-hp99-ncuh-6ugv
38
vulnerability VCID-hzma-cduk-3uhp
39
vulnerability VCID-j8sh-5evd-dkaz
40
vulnerability VCID-jenc-czvj-g3gw
41
vulnerability VCID-jeqr-9tfu-f7b2
42
vulnerability VCID-jf28-91be-6kbr
43
vulnerability VCID-jmea-qzsr-wkf4
44
vulnerability VCID-jn38-wfec-7bb2
45
vulnerability VCID-jp1p-rfxa-hyd9
46
vulnerability VCID-jq5y-7h9g-mufa
47
vulnerability VCID-jqe4-8hzb-mfea
48
vulnerability VCID-kp2p-nbmg-ufen
49
vulnerability VCID-ks1q-a8x2-uqht
50
vulnerability VCID-m3nc-xbb4-yubr
51
vulnerability VCID-mctp-nf36-7qdn
52
vulnerability VCID-n18b-qe5x-z7cj
53
vulnerability VCID-nhjv-nke2-2kf8
54
vulnerability VCID-njsj-bwjq-fyap
55
vulnerability VCID-nvbp-pbjw-3qgx
56
vulnerability VCID-p7gd-anw2-1qbz
57
vulnerability VCID-s97a-nmk8-y3ay
58
vulnerability VCID-sdz8-hju8-4bcb
59
vulnerability VCID-sy7r-d6pv-yba9
60
vulnerability VCID-tgyt-axv1-c7ag
61
vulnerability VCID-u4tq-8qnk-5fd7
62
vulnerability VCID-u5he-6tqb-gqaf
63
vulnerability VCID-u6h1-ccgw-jqds
64
vulnerability VCID-ub3e-hrb1-wqac
65
vulnerability VCID-vq15-t92r-5bhx
66
vulnerability VCID-w58p-3wg1-7ycr
67
vulnerability VCID-wms8-dnuz-b3hc
68
vulnerability VCID-x175-xjek-97ds
69
vulnerability VCID-xh68-defe-f7ce
70
vulnerability VCID-xpxg-qq49-b7fd
71
vulnerability VCID-xt7m-u9eb-fyd9
72
vulnerability VCID-xw1s-93bu-wuh9
73
vulnerability VCID-y1ap-y4az-x7ec
74
vulnerability VCID-ygw4-jdqu-4fbt
75
vulnerability VCID-yn6z-9v7k-x7br
76
vulnerability VCID-yz6t-ge1y-qfgr
77
vulnerability VCID-zrz3-3dnf-tbay
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.0
References
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-07-19-3.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-07-19-3.yaml
1
reference_url https://typo3.org/security/advisory/typo3-core-sa-2016-016
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2016-016
2
reference_url https://github.com/advisories/GHSA-j86x-pjmr-9m6w
reference_id GHSA-j86x-pjmr-9m6w
reference_type
scores
url https://github.com/advisories/GHSA-j86x-pjmr-9m6w
Weaknesses
0
cwe_id 89
name Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
description The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-kp2p-nbmg-ufen