Lucene search
K

5 matches found

Prion
Prion
added 2023/04/19 12:15 a.m.19 views

Sql injection

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the optimizesqltuningadvisor method of sqloptimize.py. User input comin...

4CVSS6.7AI score0.00835EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/18 10:35 p.m.9 views

CVE-2023-30556 SQL injection in sql_optimize.py optimize_sqltuningadvisor method in Archery - GHSL-2022-107

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the optimizesqltuningadvisor method of sqloptimize.py. User input comin...

6.5CVSS6.8AI score0.00835EPSS
Exploits1References1
CVE
CVE
added 2023/04/18 10:35 p.m.41 views

CVE-2023-30556

CVE-2023-30556 concerns an SQL injection in Archery, an open source SQL audit platform. The vulnerability affects the function/flow where user input from the db_name parameter in sql_optimize.py is passed to the sqltuningadvisor method in oracle.py, enabling attackers to query connected databases...

6.5CVSS6.7AI score0.00835EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/04/18 10:35 p.m.33 views

CVE-2023-30556 SQL injection in sql_optimize.py optimize_sqltuningadvisor method in Archery - GHSL-2022-107

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the optimizesqltuningadvisor method of sqloptimize.py. User input comin...

6.5CVSS7AI score0.00835EPSS
Exploits1References1
OSV
OSV
added 2023/04/18 10:35 p.m.23 views

CVE-2023-30556 SQL injection in sql_optimize.py optimize_sqltuningadvisor method in Archery - GHSL-2022-107

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the optimizesqltuningadvisor method of sqloptimize.py. User input comin...

6.5CVSS7.2AI score0.00835EPSS
Exploits1References3
Rows per page
Query Builder