13 matches found
CVE-2026-30778
CVE-2026-30778 affects Apache SkyWalking OAP where the /debugging/config/dump endpoint may leak sensitive configuration data (including MySQL/PostgreSQL-related details) in versions 9.7.0 through 10.3.0. The exposure is tied to the configuration dump functionality, potentially revealing credentia...
[SECURITY] Fedora 43 Update: roundcubemail-1.6.13-1.fc43
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
CVE-2025-34227 Nagios XI < 2026R1 Configuration Wizard Authenticated Command Injection
Nagios XI 2026R1 is vulnerable to an authenticated command injection vulnerability within the MongoDB Database, MySQL Query, MySQL Server, Postgres Server, and Postgres Query wizards. It is possible to inject shell characters into arguments provided to the service and execute arbitrary system...
Malicious code in Tessa.Postgre.Sql (NuGet)
Ghauri - An Advanced Cross-Platform Tool That Automates The Process Of Detecting And Exploiting SQL Injection Security Flaws
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws. Requirements: Python 3, Python pip3. Installation: cd to ghauri directory. install requirements: python3 -m pip install --upgrade -r requirements.txt run: python3 setup.py install or...
Rosario Student Information System SQL Injection Vulnerability
The Rosario Student Information System is a free student information system used for school administration. A SQL injection vulnerability exists in the Rosario Student Information System, which can be exploited to execute PostgreSQL statements via the /Side.php parameter via the syear...
CentOS 8 : postgresql-jdbc (CESA-2020:3176)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:3176 advisory. - postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692). Note that Nessus has not tested for this issue but has instead relied only o...
[SECURITY] Fedora 28 Update: unixODBC-2.3.7-1.fc28
Install unixODBC if you want to access databases through ODBC. You will also need the mariadb-connector-odbc package if you want to access a MySQL or MariaDB database, and/or the postgresql-odbc package for PostgreSQL...
Qualys Policy Compliance Notification: Policy Library Update
Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from vendo...
postgresql: pg_user_mappings view discloses foreign server passwords
It was found that the pg_user_mappings view could disclose information about user mappings to a foreign database to non-administrative database users. A database user with USAGE privilege for this mapping could, when querying the view, obtain user mapping data, such as the username and password use...
[DCA-2011-0003]: LMS Web Ensino - Multiple XSS, Session Fixation, CSRF and SQL Injection
DCA-2011-0003 Discussion - DcLabs Security Research Group advises about the following vulnerabilities: Software - LMS Web Ensino. Vendor Product Description (originally in Portuguese) - The Learning Management System LMS Web Ensino is a complete tool for managing and offering courses and training...
PHPRunner 4.2 - SearchOption Blind SQL Injection
PHPRunner 4.2 - SearchOption Blind SQL Injection. www.BugReport.ir AmnPardaz Security Research Team. Title: PHPRunner SQL Injection. Vendor: http://www.xlinesoft.com. Vulnerable Version: 4.2 (prior versions also may be affected). Exploitation: Remote with browser. Original Advisory:...
PHPRunner 4.2 (SearchOption) Blind SQL Injection Vulnerability
Exploit for unknown platform in category web applications. PHPRunner 4.2 SearchOption Blind SQL Injection Vulnerability...