678 matches found
BIT-WORDPRESS-2021-39201 Authenticated cross-site scripting (XSS) in WordPress editor
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Impact The issue allows an authenticated but low-privileged user like contributor/author to execute XSS in the editor. This bypasses the restrictions imposed on users who do n...
mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
PT-2024-2179 · Unknown +2 · Mysql Server +2
Name of the Vulnerable Software and Affected Versions: Directus versions prior to 10.8.3 Description: The password reset mechanism of the Directus backend allows attackers to receive a password reset email of a victim user, specifically having it arrive at a similar email address as the victim wi...
Exploit for Weak Password Requirements in Laborofficefree
CVE-2024-1346 Weak MySQL database root password in LaborOffice...
mysql: Server: DDL unspecified vulnerability (CPU Jan 2024)
Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash complete DOS of MySQL Server as well a...
mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
Default credentials
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants...
USN-6615-1: MySQL vulnerabilities
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.36 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes, new features...
CVE-2024-22432
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configure...
CVE-2024-22432
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configure...
Design/Logic Flaw
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configure...
CVE-2024-22432
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configure...
CVE-2024-22432
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configure...
PT-2024-1634 · Vinchin · Vinchin Backup & Recovery
Name of the Vulnerable Software and Affected Versions: Vinchin Backup & Recovery version 7.2 Description: The issue is related to the use of default credentials in Vinchin Backup & Recovery. This could allow a remote attacker to elevate their privileges. Recommendations: For Vinchin Backup &...
PYSEC-2023-287
Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. When submitting a Job to run via a Job Button, only the model-level extras.runjob permission is checked i.e., does the user have...
Database Ransomware: From Attack to Recovery
Introduction In recent years, ransomware attacks have risen sharply, due to their profitability, ease of access with ransomware-as-a-service RaaS tools, and an increasing attack surface. Ransomware is a type of attack in which the attacker locks and encrypts a victim’s data and then demands a...
编号撤回
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. This CVE number has been withdrawn...
emlog 代码问题漏洞
emlog is a PHP and MySQL based CMS builder for emlog personal developers. A code issue vulnerability exists in emlog version 6.0.0, which stems from a file upload vulnerability in /admin/plugin.php. An attacker can exploit this vulnerability to elevate privileges...
BlueCMS SQL注入漏洞
BlueCMS is a content management system CMS based on PHP and MySQL. A security vulnerability exists in BlueCMS v1.6, which can be exploited for SQL injection via the keywords parameter in search.php...
ALSA-2023:2621 Important: mysql security update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.32. BZ2177731, BZ2177732 Security Fixes: mysql: Server: Security:...