2 matches found
ROS-20260216-73-0001
A vulnerability in the hasmetacommands function of the pgAdmin 4 database management tool is related to incorrect code generation control. Exploitation of the vulnerability could allow a remote attacker to bypass existing security mechanisms by injecting a specially generated SQL file...
Arbitrary Code Injection
Overview pgadmin4 is a PostgreSQL Tools Affected versions of this package are vulnerable to Arbitrary Code Injection via the hasmetacommands function. An attacker can execute arbitrary commands on the system by crafting a SQL file that begins with a UTF-8 Byte Order Mark or special byte sequences...