A vulnerability was found in MNBikeways database and classified as critical. This issue affects some unknown processing of the file Data/views.py. The manipulation of the argument id1/id2 leads to sql injection. The name of the patch is 829a027aca7c17f5a7ec1addca8dd5d5542f86ac. It is recommended to apply a patch to fix this issue. The identifier VDB-218417 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://vuldb.com/?ctiid.218417 | Permissions Required Third Party Advisory VDB Entry |
https://vuldb.com/?id.218417 | Third Party Advisory VDB Entry |
https://github.com/MNBikeways/database/commit/829a027aca7c17f5a7ec1addca8dd5d5542f86ac | Patch Third Party Advisory |
Configurations
Information
Published : 2023-01-17 05:15
Updated : 2023-01-24 11:13
NVD link : CVE-2015-10060
Mitre link : CVE-2015-10060
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
mnbikeways_database_project
- mnbikeways_database