Grigi

1 exploit Active since Apr 2020
CVE-2020-11010 WRITEUP MEDIUM WRITEUP
Tortoise ORM <0.15.23-0.16.6 - SQL Injection
In Tortoise ORM before versions 0.15.23 and 0.16.6, various forms of SQL injection have been found for MySQL and when filtering or doing mass-updates on char/text fields. SQLite & PostgreSQL are only affected when filtering with contains, starts_with, or ends_with filters (and their case-insensitive counterparts).
CVSS 6.3