6 matches found
EUVD-2023-0557
Malicious code in bioql PyPI...
EUVD-2022-26041
Malicious code in bioql PyPI...
PgHero Allows Information Disclosure Through EXPLAIN Feature
PgHero before 3.1.0 allows Information Disclosure via EXPLAIN because query results may be present in an error message. Depending on database user privileges, this may only be information from the database, or may be information from file contents on the database server...
CVE-2023-22626
PgHero before 3.1.0 allows Information Disclosure via EXPLAIN because query results may be present in an error message. Depending on database user privileges, this may only be information from the database, or may be information from file contents on the database server...
Microsoft SQL Server 2000 sp_MScopyscript SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5309/info The Microsoft SQL Server 2000 spMScopyscript stored procedure does not sufficiently validate input before passing it to the xpcmdshell extended stored procedure. An attacker with the ability to execute a query o...
[AppSecInc Team SHATTER Security Advisory] Multiple SQL Injection vulnerabilities in DBMS_CDC_SUBSCRIBE and DBMS_CDC_ISUBSCRIBE packages
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple SQL Injection vulnerabilities in DBMSCDCSUBSCRIBE and DBMSCDCISUBSCRIBE packages AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/oracle/2005-02.html April 18, 2005 Affected Versions: Oracle Database Server...