Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
djangoproject django 1.9.1 vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2016-2048
Django 1.9.x prior to 1.9.2, when ModelAdmin.save_as is set to True, allows remote authenticated users to bypass intended access restrictions and create ModelAdmin objects via the "Save as New" option when editing objects and leveraging the "change" permission...
Djangoproject Django 1.9
Djangoproject Django 1.9.1
5.8
CVSSv2
CVE-2017-7234
A maliciously crafted URL to a Django (1.10 prior to 1.10.7, 1.9 prior to 1.9.13, and 1.8 prior to 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability.
Djangoproject Django 1.8.2
Djangoproject Django 1.8.3
Djangoproject Django 1.8.10
Djangoproject Django 1.8.11
Djangoproject Django 1.8.0
Djangoproject Django 1.9.4
Djangoproject Django 1.9.5
Djangoproject Django 1.10.1
Djangoproject Django 1.10.2
Djangoproject Django 1.9
Djangoproject Django 1.9.1
Djangoproject Django 1.8.4
Djangoproject Django 1.8.5
Djangoproject Django 1.8.12
Djangoproject Django 1.8.13
Djangoproject Django 1.9.6
Djangoproject Django 1.9.7
Djangoproject Django 1.10.3
Djangoproject Django 1.10.4
Djangoproject Django 1.9.2
Djangoproject Django 1.9.8
Djangoproject Django 1.8.1
3 Github repositories
4.3
CVSSv2
CVE-2016-2512
The utils.http.is_safe_url function in Django prior to 1.8.10 and 1.9.x prior to 1.9.3 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting (XSS) attacks via a URL containing basic authenticat...
Djangoproject Django 1.9
Djangoproject Django 1.9.2
Djangoproject Django 1.9.1
Djangoproject Django 1.8.9
2.6
CVSSv2
CVE-2016-2513
The password hasher in contrib/auth/hashers.py in Django prior to 1.8.10 and 1.9.x prior to 1.9.3 allows remote malicious users to enumerate users via a timing attack involving login requests.
Djangoproject Django 1.8.9
Djangoproject Django 1.9.2
Djangoproject Django 1.9.1
Djangoproject Django 1.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started