Lucene search
K

104 matches found

Redos
Redos
added 2023/10/13 12:0 a.m.31 views

ROS-20231011-01

A vulnerability in the HTTP API of the pgAdmin 4 database management tool is related to insufficient input data validation. verification of input data. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary commands on the server...

8.8CVSS7.7AI score0.0147EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/09/26 12:0 a.m.9 views

The vulnerability of the HTTP application programming interface of the database management tool pgAdmin 4 allows a hacker to execute arbitrary commands on the server.

The vulnerability of the HTTP application programming interface of the database management tool pgAdmin 4 relates to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on the server remotely...

10CVSS7.9AI score0.0147EPSS
Exploits0References5Affected Software2
Tenable Nessus
Tenable Nessus
added 2023/04/20 12:0 a.m.32 views

SUSE SLES15 / openSUSE 15 Security Update : pgadmin4 (SUSE-SU-2023:1877-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1877-1 advisory. - CVE-2023-0241: Fixed a directory traversal vulnerability bsc1207464. Tenable has extracted the preceding description block...

6.5CVSS6AI score0.08826EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/03/27 9:30 p.m.48 views

pgAdmin 4 vulnerable to directory traversal

pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database...

6.5CVSS6.4AI score0.08826EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2023/03/27 9:15 p.m.33 views

CVE-2023-0241

pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database...

6.5CVSS6.4AI score0.08826EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/27 12:0 a.m.9 views

CVE-2023-0241

pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database...

6.6AI score0.08826EPSS
Exploits0References2
OSV
OSV
added 2023/03/27 12:0 a.m.25 views

CVE-2023-0241

pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database...

6.5CVSS6.8AI score0.08826EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:21 a.m.2 views

SUSE CVE-2023-0241

pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database...

6.5CVSS6.9AI score0.08826EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/02/01 12:0 a.m.34 views

Fedora 36 : pgadmin4 (2023-0334c6000a)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-0334c6000a advisory. Update to pgadmin4-6.19. ---- Backport fix for CVE-2023-22298. Tenable has extracted the preceding description block directly from the Fedora securi...

6.5CVSS5.9AI score0.08826EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/01/24 12:0 a.m.37 views

JVN#01398015: pgAdmin 4 vulnerable to directory traversal

PostgreSQL management tool pgAdmin 4 contains a directory traversal vulnerability CWE-22. Impact A user of the product may change another user's settings or alter the database. Solution Update the Software Update the software to the latest version according to the information provided by the...

6.5CVSS6.3AI score0.08826EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2023/01/17 12:30 p.m.40 views

pgAdmin 4 Open Redirect vulnerability

Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

6.1CVSS6.4AI score0.0091EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2023/01/17 10:15 a.m.18 views

CVE-2023-22298

Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

6.1CVSS6.2AI score0.0091EPSS
Exploits0References5
Prion
Prion
added 2023/01/17 10:15 a.m.19 views

Open redirect

Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

5.8CVSS6.3AI score0.0091EPSS
Exploits0References5Affected Software2
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.6 views

PT-2023-18407

Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions prior to v6.14 Description The issue allows a remote unauthenticated attacker to redirect a user to an arbitrary web site, potentially conducting a phishing attack by having the user access a specially crafted URL...

6.4CVSS6.4AI score0.0091EPSS
Exploits0References24
Vulnrichment
Vulnrichment
added 2023/01/17 12:0 a.m.5 views

CVE-2023-22298

Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

6.6AI score0.0091EPSS
Exploits0References5
CVE
CVE
added 2023/01/17 12:0 a.m.127 views

CVE-2023-22298

CVE-2023-22298 is an open redirect vulnerability in pgAdmin 4 prior to version 6.14. An unauthenticated remote attacker can lure a user to click a specially crafted URL, redirecting them to an arbitrary site and enabling phishing. Affected software is pgAdmin 4; the root cause is an improper redi...

6.1CVSS6.1AI score0.0091EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2023/01/17 12:0 a.m.38 views

CVE-2023-22298

Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

6.6AI score0.0091EPSS
Exploits0References5
OSV
OSV
added 2023/01/17 12:0 a.m.24 views

CVE-2023-22298

Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...

6.1CVSS6.2AI score0.0091EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/01/11 5:23 a.m.3 views

pgAdmin 4 vulnerable to open redirect

Overview pgAdmin 4 provided by pgAdmin Project contains an open redirect vulnerability CWE-601. SHIGA TAKUMA of BroadBand Security, Inc. and Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

6.1CVSS6.6AI score0.0091EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/01/11 12:0 a.m.40 views

JVN#03832974: pgAdmin 4 vulnerable to open redirect

pgAdmin 4 provided by pgAdmin Project contains an open redirect vulnerability CWE-601. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Update the Software Update the softwar...

6.1CVSS6.2AI score0.0091EPSS
Exploits0
Rows per page
Query Builder