CVE-2024-12745

A SQL injection in the Amazon Redshift Python Connector v2.1.4 allows a user to gain escalated privileges via the getschemas, gettables, or getcolumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.5 or revert to driver version 2.1.3...

SQL Injection

Overview redshift-connector is a Redshift interface library Affected versions of this package are vulnerable to SQL Injection via the getschemas, gettables, or getcolumns APIs. An attacker can escalate privileges by injecting a malicious schema and causing a higher privileged user or process to...

redshift_connector 安全漏洞

redshiftconnector is an Amazon Web Services open source Amazon Redshift connector for Python. A security vulnerability exists in redshiftconnector version 2.1.4 that stems from the presence of a SQL injection vulnerability that allows escalated privileges to be gained via the getschemas, gettable...

PT-2024-10193 · Amazon · Amazon Redshift Jdbc Driver

Name of the Vulnerable Software and Affected Versions: Amazon Redshift JDBC Driver version 2.1.0.31 Description: A SQL injection issue in the Amazon Redshift JDBC Driver allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs. This issue can be...

Havij 1.10 - Persistent Cross-Site Scripting

Havij 1.10 - Persistent Cross-Site Scripting Exploit Title: Havij Persistent XSS =v1.10 Date: 15/6/2010 Author: hexon Version: 1.10 and below Tested on: Windows XP Service Pack 2 Professional, Windows 7 Code : htttp://site.com/file.php?param=XSS Code Havij Persistent XSS =v1.10 By : Hkhexon...