104 matches found
ROS-20231011-01
A vulnerability in the HTTP API of the pgAdmin 4 database management tool is related to insufficient input data validation. verification of input data. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary commands on the server...
The vulnerability of the HTTP application programming interface of the database management tool pgAdmin 4 allows a hacker to execute arbitrary commands on the server.
The vulnerability of the HTTP application programming interface of the database management tool pgAdmin 4 relates to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on the server remotely...
SUSE SLES15 / openSUSE 15 Security Update : pgadmin4 (SUSE-SU-2023:1877-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1877-1 advisory. - CVE-2023-0241: Fixed a directory traversal vulnerability bsc1207464. Tenable has extracted the preceding description block...
pgAdmin 4 vulnerable to directory traversal
pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database...
CVE-2023-0241
pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database...
CVE-2023-0241
pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database...
CVE-2023-0241
pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database...
SUSE CVE-2023-0241
pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database...
Fedora 36 : pgadmin4 (2023-0334c6000a)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-0334c6000a advisory. Update to pgadmin4-6.19. ---- Backport fix for CVE-2023-22298. Tenable has extracted the preceding description block directly from the Fedora securi...
JVN#01398015: pgAdmin 4 vulnerable to directory traversal
PostgreSQL management tool pgAdmin 4 contains a directory traversal vulnerability CWE-22. Impact A user of the product may change another user's settings or alter the database. Solution Update the Software Update the software to the latest version according to the information provided by the...
pgAdmin 4 Open Redirect vulnerability
Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...
CVE-2023-22298
Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...
Open redirect
Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...
PT-2023-18407
Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions prior to v6.14 Description The issue allows a remote unauthenticated attacker to redirect a user to an arbitrary web site, potentially conducting a phishing attack by having the user access a specially crafted URL...
CVE-2023-22298
Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...
CVE-2023-22298
CVE-2023-22298 is an open redirect vulnerability in pgAdmin 4 prior to version 6.14. An unauthenticated remote attacker can lure a user to click a specially crafted URL, redirecting them to an arbitrary site and enabling phishing. Affected software is pgAdmin 4; the root cause is an improper redi...
CVE-2023-22298
Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...
CVE-2023-22298
Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...
pgAdmin 4 vulnerable to open redirect
Overview pgAdmin 4 provided by pgAdmin Project contains an open redirect vulnerability CWE-601. SHIGA TAKUMA of BroadBand Security, Inc. and Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
JVN#03832974: pgAdmin 4 vulnerable to open redirect
pgAdmin 4 provided by pgAdmin Project contains an open redirect vulnerability CWE-601. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Update the Software Update the softwar...