Description
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting."
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Request Forgery (4.2.3)
WordPress Plugin Acunetix WP Security Cross-Site Request Forgery (4.0.4)
WordPress Plugin WP Customer Area Cross-Site Scripting (7.4.2)
WordPress Plugin Estatik Real Estate Arbitrary File Upload (2.3.0)
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-1024)