Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2012-06-05T22:00:00
Updated: 2024-08-06T18:38:14.544Z
Reserved: 2012-01-19T00:00:00
Link: CVE-2012-0805
Vulnrichment
No data.
NVD
Status : Modified
Published: 2012-06-05T22:55:08.077
Modified: 2024-11-21T01:35:45.570
Link: CVE-2012-0805
Redhat