
7 matches found

Tenable Nessus
•added 2023/10/04 12:0 a.m.•26 views

Fedora 38 : pgadmin4 (2023-8cc61c8b14)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-8cc61c8b14 advisory. Backport fix for CVE-2023-5002. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

CVSS 8.8, AI score 7.9, EPSS 0.0147
Exploits: 0, References: 2
Tenable Nessus
•added 2023/10/04 12:0 a.m.•32 views

Fedora 37 : pgadmin4 (2023-478aa17fa2)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-478aa17fa2 advisory. Backport fix for CVE-2023-5002. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

CVSS 8.8, AI score 7.9, EPSS 0.0147
Exploits: 0, References: 2
Circl
•added 2023/09/22 6:31 p.m.•6 views

CVE-2023-5002

creationtimestamp | type | source
---|---|---
2023-09-22 18:31:52+00:00 | seen | https://t.me/cibsecurity/70949...

CVSS 8.8, AI score 8.1, EPSS 0.0147
Exploits: 0, References: 1
OSV
•added 2023/09/22 2:15 p.m.•29 views

CVE-2023-5002

A flaw was found in pgAdmin. This issue occurs when the pgAdmin server HTTP API validates the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. Versions of pgAdmin prior to 7.6 failed to properly control the server code executed on this API, allowing an...

CVSS 8.8, AI score 7.3
Exploits: 0, References: 4
Vulnrichment
•added 2023/09/22 1:31 p.m.•19 views

CVE-2023-5002 Pgadmin4: remote code execution by an authenticated user

A flaw was found in pgAdmin. This issue occurs when the pgAdmin server HTTP API validates the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. Versions of pgAdmin prior to 7.6 failed to properly control the server code executed on this API, allowing an...

CVSS 6, AI score 6.9, EPSS 0.0147
Exploits: 0, References: 4
Cvelist
•added 2023/09/22 1:31 p.m.•41 views

CVE-2023-5002 Pgadmin4: remote code execution by an authenticated user

A flaw was found in pgAdmin. This issue occurs when the pgAdmin server HTTP API validates the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. Versions of pgAdmin prior to 7.6 failed to properly control the server code executed on this API, allowing an...

CVSS 6, AI score 8.9, EPSS 0.0147
Exploits: 0, References: 4
CVE
•added 2023/09/22 1:31 p.m.•2576 views

CVE-2023-5002

CVE-2023-5002 affects pgAdmin’s server HTTP API where path validation for external PostgreSQL utilities (e.g., pg_dump/pg_restore) was insufficient. An authenticated user could cause the server to execute arbitrary commands due to improper control of server-side code. Reports across multiple sour...

CVSS 8.8, AI score 7.2, EPSS 0.0147
Exploits: 0, References: 4, Affected Software: 1