PyPI · pypi.org
sqlmap
Py Runtime Base64 Decode: base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.
Why PkgRadar flagged 1.10.6
| Severity | Signal | Evidence |
|---|---|---|
| high | Py Runtime Base64 Decode | base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · sqlmap-1.10.6/sqlmap/thirdparty/bottle/bottle.py |
| medium | Py Import Time Eval Exec | Python eval()/exec() called on a string. · sqlmap-1.10.6/sqlmap/thirdparty/six/__init__.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.10.6 | Review | 17 | 2026-06-02 |
Block this in CI
pkgradar gate --ecosystem pypi sqlmap==1.10.6