Lucene search
K

18 matches found

CVE
CVE
added 2026/04/16 7:48 p.m.19 views

CVE-2026-40899

DataEase

8.3CVSS5.9AI score0.00388EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-6193

Malware in sbrugna...

5.3CVSS5.6AI score0.00843EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-3732

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00383EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 3:48 p.m.10 views

CVE-2020-14027

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The database connection strings accept custom unsafe arguments, such as ENABLELOCALINFILE, that can be leveraged by attackers to enable MySQL Load Data Local rogue MySQL server attacks...

5.3CVSS6.8AI score0.00843EPSS
Exploits1
GithubExploit
GithubExploit
added 2023/07/29 9:26 a.m.756 views

Exploit for Command Injection in Apache Airflow

Apache Airflow SQL injection PoC CVE-2023-22884 PoC for C...

9.8CVSS10AI score0.11082EPSS
Exploits2
Github Security Blog
Github Security Blog
added 2022/05/24 4:53 p.m.15 views

MySQL for Node.js Unsafe Options

An issue was discovered in the mysql aka mysqljs module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default...

5.5CVSS6.9AI score0.00383EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/05/24 4:53 p.m.11 views

GHSA-F982-MXWC-3MRX MySQL for Node.js Unsafe Options

An issue was discovered in the mysql aka mysqljs module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default...

5.5CVSS5.3AI score0.00383EPSS
Exploits0References6
NVD
NVD
added 2020/09/22 6:15 p.m.20 views

CVE-2020-14027

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The database connection strings accept custom unsafe arguments, such as ENABLELOCALINFILE, that can be leveraged by attackers to enable MySQL Load Data Local rogue MySQL server attacks...

5.3CVSS0.00843EPSS
Exploits1References2
Prion
Prion
added 2020/09/22 6:15 p.m.13 views

Code injection

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The database connection strings accept custom unsafe arguments, such as ENABLELOCALINFILE, that can be leveraged by attackers to enable MySQL Load Data Local rogue MySQL server attacks...

3.5CVSS5.2AI score0.00843EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/09/22 5:23 p.m.27 views

CVE-2020-14027

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The database connection strings accept custom unsafe arguments, such as ENABLELOCALINFILE, that can be leveraged by attackers to enable MySQL Load Data Local rogue MySQL server attacks...

5.2AI score0.00843EPSS
Exploits1References2
CVE
CVE
added 2020/09/22 5:23 p.m.39 views

CVE-2020-14027

CVE-2020-14027 affects Ozeki NG SMS Gateway up to version 4.17.6, where database connection strings accept custom unsafe arguments (e.g., ENABLE_LOCAL_INFILE). This enables MySQL LOAD DATA LOCAL INFILE attacks via rogue servers. The connected sources confirm the vulnerable component as the databa...

5.3CVSS5.2AI score0.00843EPSS
Exploits1References2Affected Software1
Hacker One
Hacker One
added 2019/10/22 12:37 p.m.158 views

Infogram: LFI through the MySQL connection

Hello team! I've found a way to read Infogram's server local files through the MySQL connection. The problem is that you're using the LOAD DATA LOCAL feature with your MySQL client. This how an attacker can easily send server's local files to her/his database. I've successfully readed the...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2019/08/15 12:0 a.m.5 views

PT-2019-9040 · Clickhouse · Clickhouse Mysql Client

Name of the Vulnerable Software and Affected Versions: ClickHouse MySQL client versions prior to 1.1.54390 Description: The issue concerns the "LOAD DATA LOCAL INFILE" functionality in the ClickHouse MySQL client, which was enabled and allowed a malicious MySQL database to read arbitrary files fr...

7.5CVSS7.3AI score0.01711EPSS
Exploits0References8
Prion
Prion
added 2019/08/12 1:15 a.m.15 views

Buffer overflow

An issue was discovered in the mysql aka mysqljs module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default...

2.1CVSS5.5AI score0.00383EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/08/12 1:15 a.m.3 views

UBUNTU-CVE-2019-14939

An issue was discovered in the mysql aka mysqljs module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default...

5.5CVSS6AI score0.00383EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2019/08/12 12:51 a.m.13 views

CVE-2019-14939

An issue was discovered in the mysql aka mysqljs module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default...

5.5CVSS5.4AI score0.00383EPSS
Exploits0
Hacker One
Hacker One
added 2016/08/04 2:18 p.m.112 views

Internet Bug Bounty: Incorrect logic in MySQL & MariaDB protocol leads to remote SSRF/Remote file read

Overview Wrong logic in realization of LOAD DATA LOCAL INFILE function leads to remote attacker can read files from server. Problem exists in many MySQL-drivers and frameworks, on many programming languages, like Python, Java, PHP etc. For exploitation this vulnerability we need to connect to our...

6.8AI score
Exploits0
Cvelist
Cvelist
added 2007/09/04 6:0 p.m.28 views

CVE-2007-3997

The 1 MySQL and 2 MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safemode and openbasedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE...

9.4AI score0.13818EPSS
Exploits7References21
Rows per page
Query Builder