CVE-2019-25021

An issue was discovered in Scytl sVote 2.1. Due to the implementation of the database manager, an attacker can access the OrientDB by providing admin as the admin password. A different password cannot be set because of the implementation in code...

CVE-2003-0943

web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via 1 waecho, 2 Web SQL Interface websql, or 3 Web Database Manager webdbm...

VulnCheck KEV: CVE-2025-2636

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.1.0.85 via the 'instawp-database-manager' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary...

CVE-2024-5309

The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the fvexportcsv, resetsettings, savesettings, savecolumnssettings, getanalyticsdata, geteventlogsdata, deletesubmissions, and...

CVE-2024-5309 Form Vibes – Database Manager for Forms <= 1.4.12 - Missing Authorization in Multiple Functions

The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the fvexportcsv, resetsettings, savesettings, savecolumnssettings, getanalyticsdata, geteventlogsdata, deletesubmissions, and...

WordPress Form Vibes – Database Manager for Forms plugin <= 1.4.12 - Missing Authorization in Multiple Functions vulnerability

Missing Authorization in Multiple Functions vulnerability discovered by Peter Thaleikis in WordPress Plugin Form Vibes – Database Manager for Forms versions = 1.4.12...

WordPress Form Vibes – Database Manager for Forms Plugin <= 1.4.12 is vulnerable to Broken Access Control

Software Form Vibes – Database Manager for Forms Type Plugin Vulnerable versions = 1.4.12 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5309 Patch priority Low CVSS severity Low 5.4 Developer WPVibes PSID abc9bfead98c Credits Peter Thaleikis...

Odoo Database Manager Detected

Odoo is a popular ERP and CRM open-source platform. Odoo includes a database manager which can help administrators performing management operations on their Odoo databases through a web interface. When exposed, this web interface can help an attacker trying to bruteforce weak master passwords and...

WordPress Form Vibes – Database Manager for Forms Plugin <= 1.4.10 is vulnerable to SQL Injection

Software Form Vibes – Database Manager for Forms Type Plugin Vulnerable versions = 1.4.10 Fixed in 1.4.11 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-5325 Patch priority High CVSS severity High 8.5 Developer WPVibes PSID ede7aa3d2234 Credits Peter Thaleikis Required...

InstaWP Connect < 0.1.0.9 - Cross-Site Request Forgery via create_file_db_manager

Description The plugin is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1.0.8. This is due to missing or incorrect nonce validation on the createfiledbmanager function. This makes it possible for unauthenticated attackers to make use of the file and database...

WordPress Form Vibes – Database Manager for Forms Plugin <= 1.4.8 is vulnerable to Cross Site Scripting (XSS)

Software Form Vibes – Database Manager for Forms Type Plugin Vulnerable versions = 1.4.8 Fixed in 1.4.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer WPVibes PSID cd425a15435a Credits Rafie Muhammad...

SUSE CVE-2015-2728

The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service...

SUSE CVE-2021-42325

Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name...

SAMSUNG TizenRT 资源管理错误漏洞

TizenRT is an application system. A lightweight RTOS-based platform that supports low-end IoT devices. SAMSUNG TizenRT suffers from a security vulnerability that originates from the lack of sqlite3free after sqlite3exec in createDB in security/provisioning/src/provisioningdatabasemanager.c, which...

PT-2022-16060 · WordPress · Wp-Dbmanager

Name of the Vulnerable Software and Affected Versions: WP-DBManager versions prior to 2.80.8 Description: The issue allows administrators to run arbitrary commands on the server in multisite installations, where only super-administrators should have this capability. Recommendations: For versions...

GHSA-6FVW-X6GW-4WV8 Froxlor SQL injection vulnerability

Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name...

SOURCEFORGE Adminer安全漏洞

SOURCEFORGE Adminer is an application from the American SOURCEFORGE community. It provides database management in a single PHP file. A security vulnerability exists in Adminer version 4.6.2 and prior versions that stems from the presence of improper access control. An attacker can exploit the...

WordPress Form Vibes – Database Manager for Forms plugin < 1.4.3 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Form Vibes – Database Manager for Forms plugin versions 1.4.3. Solution Update the WordPress Form Vibes – Database Manager for Forms plugin to the latest available version at least 1.4.3...

WordPress Form Vibes – Database Manager for Forms plugin < 1.4.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Form Vibes – Database Manager for Forms plugin versions 1.4.3. Solution Update the WordPress Form Vibes – Database Manager for Forms plugin to the latest available version at least 1.4.3...

Mozilla Firefox Security Advisory (MFSA2015-61) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...