77 matches found
CVE-2026-48017
DbGate is cross-platform database manager. In versions 7.1.8 and prior, the POST /runners/load-reader endpoint in DbGate accepts a functionName parameter that is directly interpolated into a JavaScript code template without any sanitization or validation. An authenticated user with basic access, ...
CVE-2026-48017 DbGate: Remote Code Execution via functionName injection in loadReader endpoint
DbGate is cross-platform database manager. In versions 7.1.8 and prior, the POST /runners/load-reader endpoint in DbGate accepts a functionName parameter that is directly interpolated into a JavaScript code template without any sanitization or validation. An authenticated user with basic access, ...
CVE-2026-48017
Summary (CVE-2026-48017) DbGate
DbGate - Remote Code Execution via Dynamic Import Bypass
DbGate versions = 7.1.8 are vulnerable to authenticated remote code execution via the POST /runners/load-reader endpoint. The functionName parameter is directly interpolated into a JavaScript code template without sanitization. The require=null mitigation is bypassed via dynamic import. id:...
DbGate - Remote Code Execution via Anonymous JWT
DbGate contains a remote code execution vulnerability exploitable by unauthenticated attackers. The /auth/login endpoint issues anonymous JWT tokens without credentials, and the /runners/start endpoint accepts JavaScript payloads that execute via Node.js childprocess, allowing arbitrary command...
dbgate-serve (>=7.0.0 <=7.1.13), dbmodel (>=7.0.0 <=7.1.13) potentially affected by CVE-2026-48017 via dbgate-api (>=7.1.10 <=7.1.8)
dbgate-api NPM version =7.1.10, =7.0.0, =7.0.0, =7.1.13 Source cves: CVE-2026-48017 Source advisory: SNYK:JS-DBGATEAPI-17223766...
Arbitrary Code Injection
Overview dbgate-api is an Allows run DbGate data-manipulation scripts. Affected versions of this package are vulnerable to Arbitrary Code Injection in the loadReader function in runners.js. The functionName parameter can be injected with arbitrary JavaScript, which is executed with the privileges...
CVE-2026-6216
A security vulnerability has been detected in DbGate up to 7.1.4. This affects an unknown function of the file packages/web/src/icons/FontIcon.svelte of the component SVG Icon String Handler. Such manipulation of the argument applicationIcon leads to cross site scripting. The attack may be launch...
CVE-2026-6215
A weakness has been identified in DbGate up to 7.1.4. The impacted element is the function apiServerUrl1 of the file packages/rest/src/openApiDriver.ts of the component REST/GraphQL. This manipulation causes server-side request forgery. The attack may be initiated remotely. The exploit has been...
GHSA-HV83-GGC4-V385 DbGate: Remote Code Execution via functionName injection in loadReader endpoint
Summary The POST /runners/load-reader endpoint in DbGate accepts a functionName parameter that is directly interpolated into a JavaScript code template without any sanitization or validation. An authenticated user with basic access, no special permissions required can inject arbitrary JavaScript...
DbGate: Remote Code Execution via functionName injection in loadReader endpoint
Summary The POST /runners/load-reader endpoint in DbGate accepts a functionName parameter that is directly interpolated into a JavaScript code template without any sanitization or validation. An authenticated user with basic access, no special permissions required can inject arbitrary JavaScript...
GHSA-WM5R-5QP3-5VXF Authenticated Remote Code Execution via loadReader functionName code injection in DbGate
Summary DbGate is vulnerable to authenticated Remote Code Execution RCE. Any user with valid DbGate credentials can execute arbitrary OS commands as root by exploiting an unsanitized functionName parameter in the /runners/load-reader endpoint. The require = null mitigation is trivially bypassed v...
Authenticated Remote Code Execution via loadReader functionName code injection in DbGate
Summary DbGate is vulnerable to authenticated Remote Code Execution RCE. Any user with valid DbGate credentials can execute arbitrary OS commands as root by exploiting an unsanitized functionName parameter in the /runners/load-reader endpoint. The require = null mitigation is trivially bypassed v...
GHSA-8V3Q-9VMX-36VC DbGate: Unauthenticated Remote Code Execution via JSON Script Runner
Summary DbGate's JSON script runner POST /runners/start allows remote code execution via code injection in the functionName parameter of JSON script assign commands. The functionName value is interpolated directly into dynamically generated JavaScript source code via string concatenation. The...
DbGate: Unauthenticated Remote Code Execution via JSON Script Runner
Summary DbGate's JSON script runner POST /runners/start allows remote code execution via code injection in the functionName parameter of JSON script assign commands. The functionName value is interpolated directly into dynamically generated JavaScript source code via string concatenation. The...
PT-2026-47063
Name of the Vulnerable Software and Affected Versions DbGate versions prior to 7.1.9 Description DbGate is subject to authenticated remote code execution. Users with valid credentials can execute arbitrary operating system commands as root by exploiting an unsanitized functionName parameter in th...
PT-2026-47062
🚨 Multiple Critical Vulnerabilities Disclosed in DbGate Several severe vulnerabilities in DbGate can allow attackers to achieve remote code execution: • CVE-2026-47668 - Unauthenticated RCE via JSON Script Runner dbgate-serve • CVE-2026-47669 - Zip Slip arbitrary file write leading to RCE •...
PT-2026-43683
Name of the Vulnerable Software and Affected Versions dbgate-serve versions prior to 7.1.9 Description An unauthenticated remote code execution issue exists in the database management tool. Attackers can achieve full system compromise without authentication or user interaction by injecting code...
Exploit for CVE-2026-47668
CVE-2026-47668 DbGate Unauthenticated Remote Code Execution...
dbgate-serve (>=7.0.0 <=7.1.13), dbmodel (>=7.0.0 <=7.1.13) potentially affected by CVE-2026-47670 via dbgate-api (>=7.1.10 <=7.1.8)
dbgate-api NPM version =7.1.10, =7.0.0, =7.0.0, =7.1.13 Source cves: CVE-2026-47670 Source advisory: SNYK:JS-DBGATEAPI-17223765...