1196 matches found
CVE-2019-13348
In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases...
CVE-2019-13348
In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases...
Design/Logic Flaw
In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases...
CVE-2019-13348
CVE-2019-13348 affects Knowage up to 6.1.1: an authenticated user who visits the datasources page can access data source credentials in cleartext (including database credentials). Multiple connected sources corroborate this vulnerability (NVD entry, Red Hat advisory, CNVD, OSV, CVE listings). Roo...
CVE-2019-13348
In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases...
CVE-2019-14245
In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete databases such as oauthv2 from the server via an attacker account...
CVE-2019-14245
In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete databases such as oauthv2 from the server via an attacker account...
Adult Content Site Exposed Personal Data of 1M Users
The personal information more than a million users of popular adult website Luscious, including email addresses that sometimes indicated full names, were found exposed in an unsecured Elasticsearch database. The website, which focuses on anime-themed, user-uploaded adult content, has over 1 milli...
PT-2019-3100 · Centos · Centos Web Panel
Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.851 Description: The issue is related to an insecure object reference, which allows an attacker to delete databases, such as oauthv2, from the server via an attacker account. This is due to insufficient access...
CentOS Web Panel Permissions License and Access Control Issues Vulnerability
CentOS Web Panel CWP is a free web hosting control panel. A privilege permission and access control issue vulnerability exists in CentOS Web Panel version 0.9.8.851, which can be exploited by an attacker to delete arbitrary databases...
[SECURITY] Fedora 30 Update: mariadb-connector-c-3.1.3-1.fc30
The MariaDB Native Client library C driver is used to connect applications developed in C/C++ to MariaDB and MySQL databases...
CVE-2017-18421
cPanel before 66.0.2 allows demo accounts to create databases and users SEC-271...
CVE-2017-18421
cPanel before 66.0.2 allows demo accounts to create databases and users SEC-271...
Code injection
cPanel before 66.0.2 allows demo accounts to create databases and users SEC-271...
CVE-2017-18421
cPanel prior to 66.0.2 contains a vulnerability (SEC-271) that allows demo accounts to create databases and users. Affected: cPanel before 66.0.2. Root cause specifics are not detailed in the provided documents. Impact stated as unauthorized creation/management of databases and users. Remediation...
CVE-2017-18409
In cPanel before 67.9999.103, the backup interface could return a backup archive with all MySQL databases SEC-283...
CVE-2017-18410
In cPanel before 67.9999.103, a user account's backup archive could contain all MySQL databases on the server SEC-284...
CVE-2017-18409
In cPanel before 67.9999.103, the backup interface could return a backup archive with all MySQL databases SEC-283...
CVE-2017-18410
In cPanel before 67.9999.103, a user account's backup archive could contain all MySQL databases on the server SEC-284...
CVE-2017-18411
The "addon domain conversion" feature in cPanel before 67.9999.103 can copy all MySQL databases to the new account SEC-285...