CVE-2019-19475

An issue was discovered in ManageEngine Applications Manager 14 with Build 14360. Integrated PostgreSQL which is built-in in Applications Manager is prone to attack due to lack of file permission security. The malicious users who are in “Authenticated Users” group can exploit privilege escalation...

Appsmith RCE

An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. Module Options msf use exploit/linux/http/appsmithrcecve202455964 msf exploitappsmithrcecve202455964 show targets ...targets... msf...

CVE-2024-55964

An issue was discovered in Appsmith before 1.52. An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. The attacker must be able to access Appsmith, login to it, create a datasource, create a query against that...

CVE-2024-55964

An issue was discovered in Appsmith before 1.52. An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. The attacker must be able to access Appsmith, login to it, create a datasource, create a query against that...

PT-2025-12998

Name of the Vulnerable Software and Affected Versions Appsmith versions prior to 1.52 Description An issue was discovered in Appsmith where an incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. The attacker must...

PT-2025-12811 · Appsmith · Appsmith

Name of the Vulnerable Software and Affected Versions: Appsmith versions prior to 1.51 Description: An issue was discovered in Appsmith where a user without admin permissions can trigger the restart API, causing a server restart. This is due to incorrect access control checks, which should check...

Versa Networks Versa Director insecure default PostgreSQL configuration

RISK EVALUATION Versa Networks Versa Director, by default, configures PostgreSQL to listen on all network interfaces using database credentials shared by multiple installations. From Advising Vulnerability In Versa Director: "This combination allows an unauthenticated attacker to access and...

CVE-2022-31769

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 could allow a remote attacker to view product configuration information stored in PostgreSQL, which could be used in further attacks against the system. IBM X-Force ID: 228219...

PT-2022-20916 · Ibm · Ibm Spectrum Copy Data Management

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Copy Data Management versions 2.2.0.0 through 2.2.15.0 Description: The issue allows a remote attacker to view product configuration information stored in PostgreSQL, which could be used in further attacks against the system...

Unspecified Vulnerability in ZOHO ManageEngine Applications Manager

ZOHO ManageEngine Applications Manager is a set of IT operation and maintenance management solutions of the United States ZhuoHao ZOHO company. The product has application performance management, fault management, report generation and SLA management and other functions. A security vulnerability...