CVE-2026-1207 | Django up to 4.2.27/5.2.10/6.0.1 band index sql injection

Inserito da Angelo Barbosa | Feb 3, 2026 | CVE

A vulnerability was found in Django up to 4.2.27/5.2.10/6.0.1. It has been classified as critical. This issue affects some unknown processing. The manipulation of the argument band index leads to sql injection.

This vulnerability is referenced as CVE-2026-1207. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is recommended.

CVE-2026-1207 | Django up to 4.2.27/5.2.10/6.0.1 band index sql injection

Post correlati

CVE-2025-0229 | code-projects Travel Management System 1.0 /enquiry.php pid/t1/t2/t3/t4/t5/t6/t7 sql injection

CVE-2024-32124 | Fortinet FortiIsolator up to 2.3.4/2.4.4 HTTP Request access control (FG-IR-24-045)

CVE-2025-1791 | Zorlan SkyCaiji 2.9 Tool.php fileAction save_data unrestricted upload

CVE-2024-25131 | Red Hat Openshift Dedicated Custom Defined Resource injection