258 matches found
EUVD-2016-6645
Malware in sbrugna...
EUVD-2002-0936
Malware in sbrugna...
EUVD-2018-13003
Malware in sbrugna...
EUVD-2020-0268
Malware in sbrugna...
EUVD-2004-2439
Malware in sbrugna...
EUVD-2022-3153
Malicious code in bioql PyPI...
EUVD-2022-5693
Malicious code in bioql PyPI...
EUVD-2022-5456
Malicious code in bioql PyPI...
EUVD-2022-5617
Malicious code in bioql PyPI...
EUVD-2022-4830
Malicious code in bioql PyPI...
CVE-2024-32967
Zitadel is an open source identity management system. In case ZITADEL could not connect to the database, connection information including db name, username and db host name could be returned to the user. This has been addressed in all supported release branches in a point release. There is no...
CVE-2023-30558
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. User input coming from the dbname in the sql/datadictionary.py tablelist endpoint is passed to the methods that follow in...
CVE-2023-30554
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...
CVE-2021-31830
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows an administrator to embed JavaScript code when configuring the name of a database to be monitored. This would be triggered when any authorized...
CVE-2012-1607
The Command Line Interface CLI script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request...
BIT-PHPMYADMIN-2025-24530
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS...
U.S. Dept Of Defense: Exposure of Sensitive Debug File Containing database dump with passwords in plain text
A publicly accessible debug file was discovered, exposing sensitive database credentials including usernames and passwords in plaintext. The file contained information such as the database name, type, and server...
CVE-2024-6281
A path traversal vulnerability exists in the applysettings function of parisneo/lollms versions prior to 9.5.1. The sanitizepath function does not adequately secure the discussiondbname parameter, allowing attackers to manipulate the path and potentially write to important system folders...
phpMyAdmin XSS when checking tables
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS...
CVE-2025-24530
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS...