Lucene search
+L

42 matches found

Nuclei
Nuclei
added 11 hours ago62 views

SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting

SolarWinds Database Performance Analyzer 11.1.457 contains a reflected cross-site scripting vulnerability in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI. id: CVE-2018-19386 info: nam...

6.1CVSS5.8AI score0.09044EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.8 views

SolarWinds Database Performance Analyzer < 2026.2 Stored XSS (CVE-2026-28322)

According to its self-reported version, the SolarWinds Database Performance Analyzer DPA installation on the remote host is prior to 2026.2. It is, therefore, affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution. Note that Nessus h...

5.6CVSS6AI score0.00222EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40457

SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...

5.6CVSS5.6AI score0.00222EPSS
Exploits0References4
NVD
NVD
added 2026/06/30 11:17 p.m.8 views

CVE-2026-28322

SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...

5.6CVSS0.00222EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 10:15 p.m.40 views

CVE-2026-28322 SolarWinds Database Performance Analyzer Stored Cross-Site Scripting Vulnerability

SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...

5.6CVSS0.00222EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 10:15 p.m.14 views

CVE-2026-28322

CVE-2026-28322 affects SolarWinds Database Performance Analyzer (DPA). The stored cross-site scripting vulnerability can enable unintended script execution, with the public metrics indicating high impact to confidentiality and integrity, and a medium overall severity (CVSS 3.1: AV=Adjacent, AC=Hi...

5.6CVSS5.6AI score0.00222EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:15 p.m.7 views

CVE-2026-28322

SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...

5.6CVSS5.6AI score0.00222EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.12 views

PT-2026-54014

Name of the Vulnerable Software and Affected Versions SolarWinds Database Performance Analyzer affected versions not specified Description A stored cross-site scripting issue exists that allows for the execution of unintended scripts. Recommendations At the moment, there is no information about a...

5.6CVSS5.9AI score0.00222EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 11:59 a.m.7 views

CVE-2018-19386

SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI...

6.1CVSS6AI score0.09044EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/10/13 12:0 a.m.5 views

SolarWinds Database Performance Analyzer (DPA) Installed (Linux)

Binary data solarwindsdpanixinstalled.nbin...

7AI score
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-8095

Malware in sbrugna...

5.4CVSS5.6AI score0.01359EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-40712

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00398EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/02 12:0 a.m.3 views

SolarWinds Database Performance Analyzer (DPA) Installed (Windows)

Binary data solarwindsdpawininstalled.nbin...

7AI score
Exploits0References1
CVE
CVE
added 2025/08/12 8:10 a.m.24 views

CVE-2025-26398

CVE-2025-26398 is documented as a vulnerability in SolarWinds Database Performance Analyzer where a hard-coded cryptographic key exists. According to the sources, exploitation could enable a local attacker with administrator privileges (and with access to the host where the additional software is...

6.4CVSS7AI score0.0019EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/12 8:10 a.m.2 views

CVE-2025-26398 SolarWinds Database Performance Analyzer Hard-coded Cryptographic Key Vulnerability

SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle MITM attack against users. This vulnerability requires additional software not installed by default, local access to the server and...

5.6CVSS7AI score0.0019EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.8 views

PT-2025-32636 · Solarwinds · Solarwinds Database Performance Analyzer

Name of the Vulnerable Software and Affected Versions: SolarWinds Database Performance Analyzer affected versions not specified Description: SolarWinds Database Performance Analyzer contains a hard-coded cryptographic key. Exploitation of this issue could lead to a machine-in-the-middle MITM atta...

5.6CVSS6.8AI score0.0019EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/22 7:2 a.m.9 views

CVE-2018-16243

SolarWinds Database Performance Analyzer DPA 11.1.468 and 12.0.3074 have several persistent XSS vulnerabilities, related to logViewer.iwc, centralManage.cen, userAdministration.iwc, database.iwc, alertManagement.iwc, eventAnnotations.iwc, and central.cen...

5.4CVSS6.1AI score0.01359EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/18 4:50 p.m.11 views

CVE-2023-33231 XSS in SolarWinds Database Performance Analyzer 2023.2

XSS attack was possible in DPA 2023.2 due to insufficient input validation...

6.1CVSS6.1AI score0.00455EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/25 12:0 a.m.7 views

CVE-2023-23837 No Exception Handling Vulnerability: Database Performance Analyzer (DPA) 2023.1

No exception handling vulnerability which revealed sensitive or excessive information to users...

7.5CVSS7.4AI score0.00809EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/25 12:0 a.m.5 views

CVE-2023-23838 Directory traversal and file enumeration vulnerability: Database Performance Analyzer (DPA) 2023.1

Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server...

6.5CVSS6.5AI score0.01272EPSS
Exploits0References2
Rows per page
Query Builder