42 matches found
SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting
SolarWinds Database Performance Analyzer 11.1.457 contains a reflected cross-site scripting vulnerability in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI. id: CVE-2018-19386 info: nam...
SolarWinds Database Performance Analyzer < 2026.2 Stored XSS (CVE-2026-28322)
According to its self-reported version, the SolarWinds Database Performance Analyzer DPA installation on the remote host is prior to 2026.2. It is, therefore, affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution. Note that Nessus h...
EUVD-2026-40457
SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...
CVE-2026-28322
SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...
CVE-2026-28322 SolarWinds Database Performance Analyzer Stored Cross-Site Scripting Vulnerability
SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...
CVE-2026-28322
CVE-2026-28322 affects SolarWinds Database Performance Analyzer (DPA). The stored cross-site scripting vulnerability can enable unintended script execution, with the public metrics indicating high impact to confidentiality and integrity, and a medium overall severity (CVSS 3.1: AV=Adjacent, AC=Hi...
CVE-2026-28322
SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...
PT-2026-54014
Name of the Vulnerable Software and Affected Versions SolarWinds Database Performance Analyzer affected versions not specified Description A stored cross-site scripting issue exists that allows for the execution of unintended scripts. Recommendations At the moment, there is no information about a...
CVE-2018-19386
SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI...
SolarWinds Database Performance Analyzer (DPA) Installed (Linux)
Binary data solarwindsdpanixinstalled.nbin...
EUVD-2018-8095
Malware in sbrugna...
EUVD-2022-40712
Malicious code in bioql PyPI...
SolarWinds Database Performance Analyzer (DPA) Installed (Windows)
Binary data solarwindsdpawininstalled.nbin...
CVE-2025-26398
CVE-2025-26398 is documented as a vulnerability in SolarWinds Database Performance Analyzer where a hard-coded cryptographic key exists. According to the sources, exploitation could enable a local attacker with administrator privileges (and with access to the host where the additional software is...
CVE-2025-26398 SolarWinds Database Performance Analyzer Hard-coded Cryptographic Key Vulnerability
SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle MITM attack against users. This vulnerability requires additional software not installed by default, local access to the server and...
PT-2025-32636 · Solarwinds · Solarwinds Database Performance Analyzer
Name of the Vulnerable Software and Affected Versions: SolarWinds Database Performance Analyzer affected versions not specified Description: SolarWinds Database Performance Analyzer contains a hard-coded cryptographic key. Exploitation of this issue could lead to a machine-in-the-middle MITM atta...
CVE-2018-16243
SolarWinds Database Performance Analyzer DPA 11.1.468 and 12.0.3074 have several persistent XSS vulnerabilities, related to logViewer.iwc, centralManage.cen, userAdministration.iwc, database.iwc, alertManagement.iwc, eventAnnotations.iwc, and central.cen...
CVE-2023-33231 XSS in SolarWinds Database Performance Analyzer 2023.2
XSS attack was possible in DPA 2023.2 due to insufficient input validation...
CVE-2023-23837 No Exception Handling Vulnerability: Database Performance Analyzer (DPA) 2023.1
No exception handling vulnerability which revealed sensitive or excessive information to users...
CVE-2023-23838 Directory traversal and file enumeration vulnerability: Database Performance Analyzer (DPA) 2023.1
Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server...