Lucene search
K

68 matches found

Nuclei
Nuclei
added 9 hours ago60 views

SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting

SolarWinds Database Performance Analyzer 11.1.457 contains a reflected cross-site scripting vulnerability in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI. id: CVE-2018-19386 info: nam...

6.1CVSS6.4AI score0.09044EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.8 views

SolarWinds Database Performance Analyzer < 2026.2 Stored XSS (CVE-2026-28322)

According to its self-reported version, the SolarWinds Database Performance Analyzer DPA installation on the remote host is prior to 2026.2. It is, therefore, affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution. Note that Nessus h...

5.6CVSS5.8AI score0.00222EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40457

SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...

5.6CVSS5.6AI score0.00222EPSS
Exploits0References4
NVD
NVD
added 2026/06/30 11:17 p.m.8 views

CVE-2026-28322

SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...

5.6CVSS0.00222EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 10:15 p.m.13 views

CVE-2026-28322

CVE-2026-28322 affects SolarWinds Database Performance Analyzer (DPA). The stored cross-site scripting vulnerability can enable unintended script execution, with the public metrics indicating high impact to confidentiality and integrity, and a medium overall severity (CVSS 3.1: AV=Adjacent, AC=Hi...

5.6CVSS5.6AI score0.00222EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 10:15 p.m.40 views

CVE-2026-28322 SolarWinds Database Performance Analyzer Stored Cross-Site Scripting Vulnerability

SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...

5.6CVSS0.00222EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54014

Name of the Vulnerable Software and Affected Versions SolarWinds Database Performance Analyzer affected versions not specified Description A stored cross-site scripting issue exists that allows for the execution of unintended scripts. Recommendations At the moment, there is no information about a...

5.6CVSS5.9AI score0.00222EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 11:59 a.m.6 views

CVE-2018-19386

SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI...

6.1CVSS6AI score0.09044EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/10/13 12:0 a.m.5 views

SolarWinds Database Performance Analyzer (DPA) Installed (Linux)

Binary data solarwindsdpanixinstalled.nbin...

7AI score
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-8095

Malware in sbrugna...

5.4CVSS5.6AI score0.01359EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-21872

Malware in sbrugna...

6.8CVSS6.3AI score0.0307EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-7232

Malicious code in bioql PyPI...

7.5CVSS6.2AI score0.00518EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-40712

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00398EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/02 12:0 a.m.2 views

SolarWinds Database Performance Analyzer (DPA) Installed (Windows)

Binary data solarwindsdpawininstalled.nbin...

7AI score
Exploits0References1
NVD
NVD
added 2025/08/12 8:15 a.m.5 views

CVE-2025-26398

SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle MITM attack against users. This vulnerability requires additional software not installed by default, local access to the server and...

6.4CVSS0.0019EPSS
Exploits0References2
CVE
CVE
added 2025/08/12 8:10 a.m.21 views

CVE-2025-26398

CVE-2025-26398 is documented as a vulnerability in SolarWinds Database Performance Analyzer where a hard-coded cryptographic key exists. According to the sources, exploitation could enable a local attacker with administrator privileges (and with access to the host where the additional software is...

6.4CVSS7AI score0.0019EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/12 8:10 a.m.2 views

CVE-2025-26398 SolarWinds Database Performance Analyzer Hard-coded Cryptographic Key Vulnerability

SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle MITM attack against users. This vulnerability requires additional software not installed by default, local access to the server and...

5.6CVSS7AI score0.0019EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.7 views

PT-2025-32636 · Solarwinds · Solarwinds Database Performance Analyzer

Name of the Vulnerable Software and Affected Versions: SolarWinds Database Performance Analyzer affected versions not specified Description: SolarWinds Database Performance Analyzer contains a hard-coded cryptographic key. Exploitation of this issue could lead to a machine-in-the-middle MITM atta...

5.6CVSS6.8AI score0.0019EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/22 7:2 a.m.6 views

CVE-2018-16243

SolarWinds Database Performance Analyzer DPA 11.1.468 and 12.0.3074 have several persistent XSS vulnerabilities, related to logViewer.iwc, centralManage.cen, userAdministration.iwc, database.iwc, alertManagement.iwc, eventAnnotations.iwc, and central.cen...

5.4CVSS6.1AI score0.01359EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 11:44 p.m.11 views

CVE-2022-41932

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to make XWiki create many new schemas and fill them with tables just by using a crafted user identifier in the login form. This may lead to degraded database performance. The...

7.5CVSS6.5AI score0.00518EPSS
Exploits0References1
Rows per page
Query Builder