Lucene search
K

7 matches found

NVD
NVD
added 2023/10/17 9:15 p.m.17 views

CVE-2023-43794

Nocodb is an open source Airtable alternative. Affected versions of nocodb contain a SQL injection vulnerability, that allows an authenticated attacker with creator access to query the underlying database. By supplying a specially crafted payload to the given an attacker can inject arbitrary SQL...

6.5CVSS6.6AI score0.00791EPSS
Exploits1References1
Prion
Prion
added 2023/10/17 9:15 p.m.12 views

Sql injection

Nocodb is an open source Airtable alternative. Affected versions of nocodb contain a SQL injection vulnerability, that allows an authenticated attacker with creator access to query the underlying database. By supplying a specially crafted payload to the given an attacker can inject arbitrary SQL...

3.3CVSS5.3AI score0.00791EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/10/17 8:2 p.m.83 views

CVE-2023-43794

CVE-2023-43794 describes a SQL injection in nocodb. The vulnerability affects nocodb where an authenticated attacker with creator access can exploit a blind SQL injection via the SQLite client path (notably in the triggerList flow related to sqlite_master) to reveal data from the database. Affect...

6.5CVSS5.9AI score0.00791EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/10/17 8:2 p.m.24 views

CVE-2023-43794 SQL Injection in nocodb

Nocodb is an open source Airtable alternative. Affected versions of nocodb contain a SQL injection vulnerability, that allows an authenticated attacker with creator access to query the underlying database. By supplying a specially crafted payload to the given an attacker can inject arbitrary SQL...

6.5CVSS6.8AI score0.00791EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/10/17 8:2 p.m.10 views

CVE-2023-43794 SQL Injection in nocodb

Nocodb is an open source Airtable alternative. Affected versions of nocodb contain a SQL injection vulnerability, that allows an authenticated attacker with creator access to query the underlying database. By supplying a specially crafted payload to the given an attacker can inject arbitrary SQL...

6.5CVSS6.6AI score0.00791EPSS
Exploits1References1
OSV
OSV
added 2023/10/17 1:52 p.m.31 views

GHSA-3M5Q-Q39V-XF8F nocodb SQL Injection vulnerability

Summary Nocodb contains SQL injection vulnerability, that allows an authenticated attacker with creator access to query the underlying database. Product nocodb/nocodb Tested Version 0.109.2 Details SQL injection in SqliteClient.ts GHSL-2023-141 By supplying a specially crafted payload to the give...

6.5CVSS6AI score0.00791EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2023/10/17 1:52 p.m.22 views

nocodb SQL Injection vulnerability

Summary Nocodb contains SQL injection vulnerability, that allows an authenticated attacker with creator access to query the underlying database. Product nocodb/nocodb Tested Version 0.109.2 Details SQL injection in SqliteClient.ts GHSL-2023-141 By supplying a specially crafted payload to the give...

6.5CVSS7.9AI score0.00791EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder