Description
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting."
Remediation
References
Related Vulnerabilities
WordPress Plugin Pricing Table by Supsystic Multiple Vulnerabilities (1.8.1)
MySQL Other Vulnerability (CVE-2005-1636)
WordPress Plugin Contact Form 'wpcf_easyform_formid' Parameter SQL Injection (2.7.5)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32472)