CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Rudder Server < 1.3.0-rc.1 - SQL Injection

Rudder-server is part of RudderStack, an open source Customer Data Platform CDP. Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution RCE due to the rudder role in PostgresSQL having superuser permissions by default. Version...

8.8CVSS7.4AI score0.89577EPSS

Exploits4References5

RedhatCVE•added 2025/05/23 3:43 a.m.•3 views

CVE-2023-30625

rudder-server is part of RudderStack, an open source Customer Data Platform CDP. Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution RCE due to the rudder role in PostgresSQL having superuser permissions by default. Version...

8.8CVSS8.2AI score0.89577EPSS

Exploits4References1

OSV•added 2024/08/05 9:50 p.m.•22 views

GHSA-3JMM-F6JJ-RCC3 rudder-server is vulnerable to SQL injection

9.3CVSS9.1AI score0.89577EPSS

Exploits4References11

Github Security Blog•added 2024/08/05 9:50 p.m.•27 views

rudder-server is vulnerable to SQL injection

8.8CVSS8.1AI score0.89577EPSS

Exploits4References11Affected Software1

Packet Storm•added 2023/07/31 12:0 a.m.•295 views

Rudder Server SQL Injection / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rudder Server SQLI Remote Code Execution', 'Description' = %q This Metasploit module exploits a SQL injection vulnerability in RudderStack's...

8.8CVSS7.1AI score0.89577EPSS

Exploits4

NVD•added 2023/06/16 5:15 p.m.•16 views

CVE-2023-30625

8.8CVSS9.3AI score0.89577EPSS

Exploits4References8

Prion•added 2023/06/16 5:15 p.m.•36 views

Sql injection

6.5CVSS9.1AI score0.89577EPSS

Exploits4References8Affected Software1

Vulnrichment•added 2023/06/16 4:4 p.m.•10 views

CVE-2023-30625 rudder-server vulnerable to SQL Injection

8.8CVSS8.6AI score0.89577EPSS

Exploits4References8

CVE•added 2023/06/16 4:4 p.m.•86 views

CVE-2023-30625

Rudder-server (RudderStack CDP) prior to version 1.3.0-rc.1 is affected by an SQL injection that can lead to remote code execution because the postgres user rutde_rudder is granted superuser privileges by default. Affected component: rudder-server in RudderStack; vulnerability is triggered via SQ...

8.8CVSS9.1AI score0.89577EPSS

In wildExploits4References8Affected Software1

OSV•added 2023/06/16 4:4 p.m.•18 views

CVE-2023-30625 rudder-server vulnerable to SQL Injection

8.8CVSS9AI score0.89577EPSS

Exploits4References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by