CVE-2019-25447

OrientDB 3.0.17 GA Community Edition contains cross-site request forgery vulnerabilities that allow attackers to perform unauthorized actions by crafting malicious requests to endpoints like /database/, /command/, and /document/. Attackers can create or delete databases, modify schema classes,...

AUVESY Versiondog permission permission and access control issues vulnerability

AUVESY Versiondog is an automated production data and change management software solution from the German company AUVESY. AUVESY Versiondog is vulnerable to permission and access control issues, which could be exploited by an attacker to change user passwords or delete databases...

CVE-2019-14245

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete databases such as oauthv2 from the server via an attacker account...

CVE-2019-14245

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete databases such as oauthv2 from the server via an attacker account...

PT-2019-3100 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.851 Description: The issue is related to an insecure object reference, which allows an attacker to delete databases, such as oauthv2, from the server via an attacker account. This is due to insufficient access...

CentOS Web Panel Permissions License and Access Control Issues Vulnerability

CentOS Web Panel CWP is a free web hosting control panel. A privilege permission and access control issue vulnerability exists in CentOS Web Panel version 0.9.8.851, which can be exploited by an attacker to delete arbitrary databases...

MyWebSQL Cross-Site Request Forgery Vulnerability

MyWebSQL is a web-based MySQL database management client from Samnan ur Rehman Software Developers. A cross-site request forgery vulnerability exists in MyWebSQL. An attacker can exploit this vulnerability to delete databases with the help of the /?q=wrkfrm&type=databases URI...

CVE-2015-2142

Multiple cross-site request forgery CSRF vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to 1 hijack the authentication of users for requests that cause an unspecified impact via the id parameter to project.php, 2 hijack the authentication of users for...

CVE-2015-2142

Multiple cross-site request forgery CSRF vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to 1 hijack the authentication of users for requests that cause an unspecified impact via the id parameter to project.php, 2 hijack the authentication of users for...

phpMyAdmin Installation Not Password Protected

The version of phpMyAdmin installed on the remote web server allows unrestricted, unauthenticated access. This is likely due to setting the 'authtype' to 'config' and storing login credentials in the configuration file. A remote attacker could exploit this to execute arbitrary SQL queries, delete...

Guppy <= 4.5.11 (Delete Databases) Remote Denial of Service Exploit

Exploit for unknown platform in category web applications =================================================================== Guppy Guppy Guppy by trueend5 Computer Security Science Researchers Institute KAPDA table width="90%...