13 matches found
BIT-MARIADB-MIN-2026-44173 MariaDB: FILE privilege was not checked for subqueries in the FROM clause
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...
BIT-MARIADB-2026-44173 MariaDB: FILE privilege was not checked for subqueries in the FROM clause
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...
CVE-2026-44173
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...
ALPINE-CVE-2026-44173
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...
EUVD-2026-36518
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...
CVE-2026-44173 MariaDB: FILE privilege was not checked for subqueries in the FROM clause
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...
CVE-2026-44173
CVE-2026-44173 affects MariaDB server: the FILE privilege was not checked for subqueries in the FROM clause, allowing potential leakage of file operations via SELECT ... INTO OUTFILE/DUMPFILE. Affected versions include MariaDB 10.6.1–10.6.25, 10.11.1–10.11.16, 11.4.1–11.4.10, 11.8.1–11.8.6, and 1...
CVE-2026-44173 MariaDB: FILE privilege was not checked for subqueries in the FROM clause
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...
CVE-2026-44173
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...
CVE-2020-7356
CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter ‘wayfinderseqid’ in wayfindermeetinginput.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injectin...
MYSQL Directory Write Test
Enumerate writeable directories using the MySQL SELECT INTO DUMPFILE feature, for more information see the URL in the references. Note: For every writable directory found, a file with the specified FILENAME containing the text test will be written to the directory. This module requires Metasploit...
Sql injection
SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitrary PHP code using the INTO...
CVE-2007-4889
The CVE-2007-4889 entry relates to PHP’s MySQL extension in PHP 5.2.4 and earlier, where remote attackers could bypass safe_mode and open_basedir restrictions using MySQL functions (LOAD_FILE, INTO DUMPFILE, INTO OUTFILE). Affected component: PHP MySQL extension (versions