2 matches found
Brute Force
Overview pgadmin4 is a PostgreSQL Tools Affected versions of this package are vulnerable to Brute Force due to improper enforcement of account lockout in the login. An attacker can bypass account lockout protections and perform unlimited password-guessing attempts by submitting valid credentials...
Deserialization of Untrusted Data
Overview pgadmin4 is a PostgreSQL Tools Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the FileBackedSessionManager. An attacker can execute arbitrary code by placing a crafted serialized payload into the sessions directory, which is deserialized without...