Django Archives - Security Affairs

Django

Pierluigi Paganini July 04, 2022

Popular Django web framework affected by a SQL Injection flaw. Upgrade it now!

The development team behind the Django Project has addressed a high-severity SQL Injection flaw in its framework. Django is a free and open-source, Python-based web framework that follows the model–template–views (MTV) architectural pattern. Django is maintained by the independent organization Django Software Foundation. The latest releases of the framework, Django 4.0.6 and 3.2.14, addressed a high-severity SQL […]

Pierluigi Paganini March 31, 2018

Tens of thousands of misconfigured Django apps leak sensitive data

The security researcher Fábio Castro discovered tens of thousands of Django apps that expose sensitive data because developers forget to disable the debug mode. Security researchers have discovered misconfigured Django applications that are exposing sensitive information, including passwords, API keys, or AWS access tokens. Django is a very popular high-level Python Web framework that allows rapid development of Python-based web applications. The […]

Django

Popular Django web framework affected by a SQL Injection flaw. Upgrade it now!

Tens of thousands of misconfigured Django apps leak sensitive data

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Qilin ransomware claimed responsibility for the attack on the beer giant Asahi

DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape

DraftKings thwarts credential stuffing attack, but urges password reset and MFA

Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution

U.S. CISA adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog

QUICK LINKS

Django

Popular Django web framework affected by a SQL Injection flaw. Upgrade it now!

Tens of thousands of misconfigured Django apps leak sensitive data

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Qilin ransomware claimed responsibility for the attack on the beer giant Asahi

DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape

DraftKings thwarts credential stuffing attack, but urges password reset and MFA

Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution

U.S. CISA adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog

Subscribe to my email list and stay
up-to-date!