Lucene search
PRIOn knowledge basePRION:CVE-2014-8681HistoryNov 21, 2014 - 3:59 p.m.
Sql injection
2014-11-2115:59:00
PRIOn knowledge base
www.prio-n.com
3
SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL commands via the label parameter to user/repos/issues.
References
gogs.io/docs/intro/change_log.html
packetstormsecurity.com/files/129116/Gogs-Label-Search-Blind-SQL-Injection.html
seclists.org/fulldisclosure/2014/Nov/31
exchange.xforce.ibmcloud.com/vulnerabilities/98695
github.com/gogits/gogs/commit/83283bca4cb4e0f4ec48a28af680f0d88db3d2c8
www.exploit-db.com/exploits/35237
Related
packetstorm
packetstorm
Gogs Label Search Blind SQL Injection
2014-11-14 00:00:00
osv
osv
SQL Injection in gogs.io/gogs
2021-06-29 18:32:44
SQL Injection in github.com/gogits/gogs
2021-04-14 20:04:52
nvd
nvd
CVE-2014-8681
2014-11-21 15:59:08
github
github
SQL Injection in gogs.io/gogs
2021-06-29 18:32:44
cve
cve
CVE-2014-8681
2014-11-21 15:59:08
exploitpack
exploitpack
Gogs - label SQL Injection
2014-11-14 00:00:00
veracode
veracode
SQL Injection
2017-05-03 08:30:55
cvelist
cvelist
CVE-2014-8681
2014-11-21 15:00:00
gitlab
gitlab
exploitdb
exploitdb
Gogs - 'label' SQL Injection
2014-11-14 00:00:00
zdt
zdt
Gogs Blind SQL Injection Vulnerability
2014-11-15 00:00:00
openvas
openvas
Gogs >= 0.3.1, < 0.5.8 Multiple Vulnerabilities
2015-02-06 00:00:00