Lucene search
K

16 matches found

GithubExploit
GithubExploit
added 2025/12/01 2:49 a.m.195 views

Exploit for OS Command Injection in Postgresql

usage: CVE-2019-9193.py -h -i IP -p PORT -d DATABASE...

9CVSS7.1AI score0.91877EPSS
Exploits17
GithubExploit
GithubExploit
added 2024/10/06 5:16 p.m.159 views

Exploit for OS Command Injection in Postgresql

EN GenPostgresRCEExploit is a PoC tool designed to exploit...

9CVSS7.7AI score0.91877EPSS
Exploits17
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.488 views

PostgreSQL 9.6.1 Remote Code Execution

Exploit Title: PostgreSQL 9.6.1 - Remote Code Execution RCE Authenticated Date: 2023-02-01 Exploit Author: Paulo Trindade @paulotrindadec, Bruno Stabelini @Bruno Stabelini, Diego Farias @fulcrum and Weslley Shaimon Github: https://github.com/paulotrindadec/CVE-2019-9193 Version: PostgreSQL 9.6.1 ...

9CVSS7AI score0.91877EPSS
Exploits17
0day.today
0day.today
added 2023/04/05 12:0 a.m.389 views

PostgreSQL 9.6.1 - Remote Code Execution (Authenticated) Exploit

Exploit Title: PostgreSQL 9.6.1 - Remote Code Execution RCE Authenticated Exploit Author: Paulo Trindade @paulotrindadec, Bruno Stabelini @Bruno Stabelini, Diego Farias @fulcrum and Weslley Shaimon Github: https://github.com/paulotrindadec/CVE-2019-9193 Version: PostgreSQL 9.6.1 on...

7.2CVSS7.1AI score0.91877EPSS
Exploits17
Exploit DB
Exploit DB
added 2023/04/05 12:0 a.m.936 views

PostgreSQL 9.6.1 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: PostgreSQL 9.6.1 - Remote Code Execution RCE Authenticated Date: 2023-02-01 Exploit Author: Paulo Trindade @paulotrindadec, Bruno Stabelini @Bruno Stabelini, Diego Farias @fulcrum and Weslley Shaimon Github: https://github.com/paulotrindadec/CVE-2019-9193 Version: PostgreSQL 9.6.1 ...

9CVSS7.1AI score0.91877EPSS
Exploits17
Packet Storm
Packet Storm
added 2022/03/30 12:0 a.m.592 views

PostgreSQL 11.7 Remote Code Execution

Exploit Title: PostgreSQL 9.3-11.7 - Remote Code Execution RCE Authenticated Date: 2022-03-29 Exploit Author: b4keSn4ke Github: https://github.com/b4keSn4ke Vendor Homepage: https://www.postgresql.org/ Software Link: https://www.postgresql.org/download/linux/debian/ Version: 9.3 - 11.7 Tested on:...

9CVSS0.2AI score0.91877EPSS
Exploits17
0day.today
0day.today
added 2022/03/30 12:0 a.m.268 views

PostgreSQL 9.3-11.7 - Remote Code Execution (Authenticated) Exploit

Exploit Title: PostgreSQL 9.3-11.7 - Remote Code Execution RCE Authenticated Exploit Author: b4keSn4ke Github: https://github.com/b4keSn4ke Vendor Homepage: https://www.postgresql.org/ Software Link: https://www.postgresql.org/download/linux/debian/ Version: 9.3 - 11.7 Tested on: Linux x86-64 -...

7.2CVSS0.2AI score0.91877EPSS
Exploits17
GithubExploit
GithubExploit
added 2022/03/29 9:2 p.m.72 views

Exploit for OS Command Injection in Postgresql

CVE-2019–9193 - PostgreSQL 9.3-12.3 Authenticated Remote Code...

9CVSS7.4AI score0.91877EPSS
Exploits17
ThreatPost
ThreatPost
added 2020/12/11 7:41 p.m.87 views

PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers

An innovative Linux-based cryptocurrency mining botnet has been uncovered, which exploits a disputed PostgreSQL remote code-execution RCE vulnerability to compromise database servers. The malware is unusual and completely novel in a host of ways, researchers said. According to researchers at Palo...

9CVSS7.5AI score0.91877EPSS
Exploits17References5
Fortinet
Fortinet
added 2020/06/26 12:0 a.m.84 views

CVE-2019-9193 PostgreSQL allows OS level commands via COPY SQL function

An OS command injection vulnerability in FortiAnalyzer, FortiAuthenticator and FortiManager may allow a privileged system administrator to run OS level commands on the system via injecting commands in SQL queries...

9CVSS5.3AI score0.91877EPSS
Exploits17Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/27 8:42 a.m.55 views

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities (CVE-2018-1058, CVE-2018-10936, CVE-2019-9193)

Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerabilities 3 issues for Postgresql: 1 for a flaw in the searchpath setting2, 1 for a failure to check the host name if a host name verifier was not provided to the driver and...

9CVSS1.6AI score0.91877EPSS
Exploits18Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/22 10:30 p.m.34 views

Security Bulletin: IBM Security Information Queue uses database components with known vulnerabilities (CVE-2016-3506, CVE-2018-1058, CVE-2018-10936, CVE-2019-9193)

Summary IBM Security Information Queue ISIQ relies on older Oracle JDBC and PostgreSQL JAR files that have known vulnerabilities. As of v1.0.5, ISIQ switched to newer, secure versions of the JAR files. Vulnerability Details CVEID: CVE-2016-3506 DESCRIPTION: Unspecified vulnerability in the JDBC...

9CVSS0.4AI score0.91877EPSS
Exploits18Affected Software1
Check Point Advisories
Check Point Advisories
added 2019/05/20 12:0 a.m.34 views

PostgreSQL Remote Code Execution (CVE-2019-9193)

A remote code execution vulnerability exists in PostgreSQL. Successful exploitation of this vulnerability could result in arbitrary code execution on the victim machine...

9CVSS3.9AI score0.91877EPSS
Exploits17
OSV
OSV
added 2019/04/01 9:30 p.m.12 views

CVE-2019-9193

In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pgexecuteserverprogram' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary...

7.2CVSS7.3AI score0.91877EPSS
Exploits17References8
Vulnrichment
Vulnrichment
added 2019/04/01 12:0 a.m.12 views

CVE-2019-9193

In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pgexecuteserverprogram' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary...

8.1AI score0.91877EPSS
Exploits17References8
CVE
CVE
added 2019/04/01 12:0 a.m.1131 views

CVE-2019-9193

The CVE-2019-9193 entry concerns PostgreSQL 9.3–11.2 where the COPY TO/FROM PROGRAM functionality allows superusers or members of the pg_execute_server_program role to run arbitrary OS commands as the database server OS user. This behavior is enabled by default and can enable command execution on...

9CVSS7.4AI score0.91877EPSS
Exploits17References8Affected Software1
Rows per page
Query Builder