19 matches found
EUVD-2026-22085
A weakness has been identified in DbGate up to 7.1.4. The impacted element is the function apiServerUrl1 of the file packages/rest/src/openApiDriver.ts of the component REST/GraphQL. This manipulation causes server-side request forgery. The attack may be initiated remotely. The exploit has been...
CVE-2026-6216 DbGate SVG Icon String FontIcon.svelte cross site scripting
A security vulnerability has been detected in DbGate up to 7.1.4. This affects an unknown function of the file packages/web/src/icons/FontIcon.svelte of the component SVG Icon String Handler. Such manipulation of the argument applicationIcon leads to cross site scripting. The attack may be launch...
CVE-2026-6215
A weakness has been identified in DbGate up to 7.1.4. The impacted element is the function apiServerUrl1 of the file packages/rest/src/openApiDriver.ts of the component REST/GraphQL. This manipulation causes server-side request forgery. The attack may be initiated remotely. The exploit has been...
CVE-2026-6215 DbGate REST/GraphQL openApiDriver.ts apiServerUrl1 server-side request forgery
A weakness has been identified in DbGate up to 7.1.4. The impacted element is the function apiServerUrl1 of the file packages/rest/src/openApiDriver.ts of the component REST/GraphQL. This manipulation causes server-side request forgery. The attack may be initiated remotely. The exploit has been...
DbGate Code Issue Vulnerability
DbGate is an open-source database manager developed by DbGate. Versions of DbGate 7.1.4 and earlier contained a code vulnerability. This vulnerability stemmed from a server-side request forgery issue in the apiServerUrl1 function within the REST/GraphQL component’s...
DbGate Code Injection Vulnerability
DbGate is an open-source database manager developed by DbGate. Versions of DbGate from 7.0.0 to 7.1.5 had a code injection vulnerability. This vulnerability occurred because SVG icon strings controlled by attackers were rendered as raw HTML without proper sanitization, which could lead to...
EUVD-2025-22773
Malicious code in bioql PyPI...
EUVD-2025-22767
Malicious code in bioql PyPI...
CVE-2025-50185
DbGate is a cross-platform database manager. In versions 6.6.0 and below, DbGate allows unauthorized file access due to insufficient validation of file paths and types. A user with application-level access can retrieve data from arbitrary files on the system, regardless of their location or file...
CVE-2025-50184
DbGate is a cross-platform database manager. In versions 6.4.3-premium-beta.5 and below, DbGate is vulnerable to a directory traversal flaw. The file parameter is not properly restricted to the intended uploads directory. As a result, the endpoint that lists files within the upload directory can be...
CVE-2025-50185
DbGate is a cross-platform database manager. In versions 6.6.0 and below, DbGate allows unauthorized file access due to insufficient validation of file paths and types. A user with application-level access can retrieve data from arbitrary files on the system, regardless of their location or file...
CVE-2025-50184
DbGate is a cross-platform database manager. In versions 6.4.3-premium-beta.5 and below, DbGate is vulnerable to a directory traversal flaw. The file parameter is not properly restricted to the intended uploads directory. As a result, the endpoint that lists files within the upload directory can be...
CVE-2025-50184
DbGate (cross‑platform database manager) contains a directory traversal vulnerability in the uploads/file handling. In versions 6.4.3-premium-beta.5 and earlier, the file parameter is not restricted to the uploads directory, allowing an attacker to craft a path to read arbitrary files outside tha...
CVE-2025-50184 DbGate allows for File Traversal via file parameter
DbGate is a cross-platform database manager. In versions 6.4.3-premium-beta.5 and below, DbGate is vulnerable to a directory traversal flaw. The file parameter is not properly restricted to the intended uploads directory. As a result, the endpoint that lists files within the upload directory can be...
CVE-2025-50184 DbGate allows for File Traversal via file parameter
DbGate is a cross-platform database manager. In versions 6.4.3-premium-beta.5 and below, DbGate is vulnerable to a directory traversal flaw. The file parameter is not properly restricted to the intended uploads directory. As a result, the endpoint that lists files within the upload directory can be...
CVE-2025-50184 DbGate allows for File Traversal via file parameter
DbGate is a cross-platform database manager. In versions 6.4.3-premium-beta.5 and below, DbGate is vulnerable to a directory traversal flaw. The file parameter is not properly restricted to the intended uploads directory. As a result, the endpoint that lists files within the upload directory can be...
PT-2025-30948 · Dbgate · Dbgate
Name of the Vulnerable Software and Affected Versions: DbGate versions 6.4.3-premium-beta.5 and below Description: DbGate is vulnerable to a directory traversal flaw. The file parameter is not properly restricted to the intended uploads directory. This allows manipulation of the endpoint that lis...
PT-2025-30949 · Dbgate · Dbgate +1
Name of the Vulnerable Software and Affected Versions: DbGate versions 6.6.0 and below Description: DbGate, a cross-platform database manager, allows unauthorized file access due to insufficient validation of file paths and types. A user with application-level access can retrieve data from...
DbGate Security Vulnerability
DbGate is an open-source database manager from the DbGate project. A security vulnerability exists in DbGate 6.6.0 and earlier versions, which stems from insufficient file path validation and could lead to unauthorized file access...