20 matches found
WordPress plugin Create DB Tables 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. WordPress plugins are additional applications that can b...
CVE-2023-46700
SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.4M MySQL version and LuxCal Web Calendar prior to 5.2.4L SQLite version allows a remote unauthenticated attacker to execute an arbitrary SQL command by sending a crafted request, and obtain or alter information stored in the database...
Sql injection
SQL injection vulnerability in OSS Calendar versions prior to v.2.0.3 allows a remote authenticated attacker to execute arbitrary code or obtain and/or alter the information stored in the database by sending a specially crafted request...
CVE-2023-0241
pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database...
CVE-2023-0241
pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database...
CVE-2023-0241
pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database...
SUSE CVE-2010-1975
PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, and 8.4 before 8.4.4 does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitrary parameter settings via a 1 ALTER USER ...
SUSE CVE-2010-2008
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service server crash and database loss via an ALTER DATABASE command with a mysql50 string followed by a . dot, .. dot dot, ../ dot dot slash or similar sequence, and an UPGRADE DATA DIRECTOR...
pgAdmin 路径遍历漏洞
pgAdmin is an open source administration and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin versions prior to 4 v6.19. An attacker could exploit the vulnerability to change other users' settings or alter the database...
Oracle MySQL 'ALTER DATABASE' Remote Denial of Service Vulnerability
No description provided by source. A vulnerability was reported in MySQL. A remote authenticated user can cause denial of service conditions. This issue affects versions prior to MySQL 5.1.48. A remote authenticated user can send a specially crafted ALTER DATABASE command to cause the target serv...
Oracle MySQL - 'ALTER DATABASE' Remote Denial of Service
A vulnerability was reported in MySQL. A remote authenticated user can cause denial of service conditions. This issue affects versions prior to MySQL 5.1.48. A remote authenticated user can send a specially crafted ALTER DATABASE command to cause the target server to move a data directory into a...
Oracle MySQL ALTER DATABASE Denial Of Service
A vulnerability was reported in MySQL. A remote authenticated user can cause denial of service conditions. This issue affects versions prior to MySQL 5.1.48. A remote authenticated user can send a specially crafted ALTER DATABASE command to cause the target server to move a data directory into a...
Oracle MySQL - ALTER DATABASE Remote Denial of Service
Oracle MySQL - ALTER DATABASE Remote Denial of Service A vulnerability was reported in MySQL. A remote authenticated user can cause denial of service conditions. This issue affects versions prior to MySQL 5.1.48. A remote authenticated user can send a specially crafted ALTER DATABASE command to...
MySQL 'ALTER DATABASE' Remote DoS Vulnerability
MySQL is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql";...
CVE-2010-2008
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service server crash and database loss via an ALTER DATABASE command with a mysql50 string followed by a . dot, .. dot dot, ../ dot dot slash or similar sequence, and an UPGRADE DATA DIRECTOR...
CVE-2010-2008
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service server crash and database loss via an ALTER DATABASE command with a mysql50 string followed by a . dot, .. dot dot, ../ dot dot slash or similar sequence, and an UPGRADE DATA DIRECTOR...
PostgreSQL RESET ALL操作不安全权限检查漏洞
BUGTRAQ ID: 40304 CVE ID: CVE-2010-1975 PostgreSQL是一款高级对象-关系型数据库管理系统,支持扩展的SQL标准子集。 PostgreSQL在执行某些RESET ALL操作期间没有正确地执行权限检查,通过认证的远程用户可以通过ALTER USER或ALTER DATABASE语句删除任意参数设置。 PostgreSQL 8.4 PostgreSQL 8.3 PostgreSQL 8.2 PostgreSQL 8.1 PostgreSQL 8.0 PostgreSQL 7.4 厂商补丁: PostgreSQL ----------...
CVE-2010-1975
PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, and 8.4 before 8.4.4 does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitrary parameter settings via a 1 ALTER USER ...
PostgreSQL < 8.4.4/8.3.11/8.2.17/8.1.21/8.0.25/7.4.29 Multiple Vulnerabilities
Binary data 5546.prm...
CVE-2010-1975
PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, and 8.4 before 8.4.4 does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitrary parameter settings via a 1 ALTER USER ...