CNNVD-202602-1157 Information

CNNVD ID

CNNVD-202602-1157

Related CVE

CVE-2020-37163

• CNNVD Published: 2026-02-07

Description (Chinese)

QuickDate是QuickDate公司的一个Python时间处理库。 QuickDate 1.3.2版本存在SQL注入漏洞，该漏洞源于find_matches端点中参数_located未经验证，可能导致SQL注入攻击。

Description (English)

QuickDate is a Python time processor for QuickDate. QuickDate 1.3.2 has an injection loophole in SQL, which stems from the fact that the parameter in the endpoint of the Find metches localed was unverified and could lead to an SQL injection attack.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

QuickDate

Published

2026-02-07

Last Modified

2026-02-24

References

https://quickdatescript.com/ https://web.archive.org/web/20200112151117/ https://www.exploit-db.com/exploits/48022 https://www.vulncheck.com/advisories/quickdate-sql-injection