737 matches found
A stack-based buffer overflow vulnerability in the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server allows an attacker to cause service interruptions.
The vulnerability in the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server is related to a stack-based buffer overflow. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially crafted requests...
RLSA-2024:0974 Important: postgresql:12 security update
PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL (CVE-2024-0985). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...
RLSA-2025:3082 Important: postgresql:12 security update
PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation (CVE-2025-1094). For more details about the security issues, including the impact, a CVSS score,...
WordPress Extensions For CF7 Plugin Path Traversal Vulnerability
WordPress Extensions For CF7 Plugin is a plugin that extends the functionality of Contact Form 7, mainly used to enhance the database management, conditional logic processing and user guidance capabilities of native forms. The WordPress Extensions For CF7 Plugin suffers from a path traversal...
Vulnerability in the Server component of the MySQL Server database management system that allows an attacker to cause service interruptions.
Vulnerability in the MySQL Server component: the DDL system of the MySQL Server database management system is vulnerable to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
Vulnerability in the Server component of the MySQL Server database management system that allows an attacker to cause service interruptions.
Vulnerability in the MySQL Server component: the DDL system of the MySQL Server database management system is vulnerable to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
CVE-2025-53889
Summary: CVE-2025-53889 affects Directus up to 11.9.0 where manual trigger Flows do not validate whether the triggering user has read permissions for payload items, potentially allowing unauthorized actions. The issue is fixed in 11.9.0; a workaround is to add permission checks for read access to...
PT-2025-29528 · Directus · Directus
Name of the Vulnerable Software and Affected Versions: Directus versions 9.0.0 through 11.8.99. Description: Directus is a real-time API and App dashboard for managing SQL database content. The exact Directus version number is exposed by the /server/specs/oas endpoint without authentication in...
ROS-20250703-03
A vulnerability in the pgAdmin 4 database management tool is related to improper cleanup of user-supplied data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250703-01
A vulnerability in the Server Mode LDAP authentication configuration of the pgAdmin 4 database management tool is related to incorrect session commit as a result of improper access delimitation. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the security restrictions...
ROS-20250630-01
A vulnerability in the pgAdmin 4 database management tool exists due to an incorrect restriction of the name of the path to a restricted directory. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code...
CVE-2025-6160
CVE-2025-6160 affects SourceCodester Client Database Management System 1.0. Affects the file /user_customer_create_order.php where manipulation of the user_id parameter enables a SQL injection. The issue can be exploited remotely and, per sources, the exploit has been disclosed publicly. Public m...
CVE-2025-6160 SourceCodester Client Database Management System user_customer_create_order.php SQL injection
A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /user_customer_create_order.php. The manipulation of the argument user_id leads to SQL injection. The attack may be initiat...
SourceCodester Client Database Management System Injection Vulnerability
SourceCodester Client Database Management System is an open-source client database management system from SourceCodester. An injection vulnerability exists in SourceCodester Client Database Management System version 1.0, which originates from SQL injection due to incorrect manipulation of the paramete...
PT-2025-25618
Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0. Description: A critical issue has been found in the software, affecting the processing of the file /user_customer_create_order.php. The manipulation of the user_id argument leads to S...
CVE-2025-40728
SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an authenticated attacker to retrieve, create, update and delete databases via the id parameter in the /customersupport/manageuser.php endpoint...
CVE-2025-40655
CVE-2025-40655 describes a SQL injection in DM Corporative CMS exploitable through the name parameter of /antcatalogue.asp, enabling an attacker to retrieve, create, update, and delete data in the back-end database. The vulnerability is documented across multiple sources (NVD, Red Hat, CNVD/CNNVD...
CVE-2025-5840
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...