5 matches found
CVE-2026-25892
Adminer is open-source database management software. Adminer v5.4.1 and earlier has a version check mechanism where adminer.org sends signed version info via JavaScript postMessage, which the browser then POSTs to ?script=version. This endpoint lacks origin validation and accepts POST data from a...
CVE-2026-25892
Adminer is open-source database management software. Adminer v5.4.1 and earlier has a version check mechanism where adminer.org sends signed version info via JavaScript postMessage, which the browser then POSTs to ?script=version. This endpoint lacks origin validation and accepts POST data from a...
PT-2026-7169
Name of the Vulnerable Software and Affected Versions Adminer versions prior to 5.4.2 Description Adminer is database management software. Versions 5.4.1 and earlier have a flawed version check process. The adminer.org domain sends signed version information via JavaScript postMessage, which is...
PAX Technology A920 Injection Vulnerability
PAX Technology A920 is an Android mobile payment terminal from PAX Technology. The PAX Technology A920 suffers from a security vulnerability that originates from a version checking error, which can be exploited by an attacker to steer the loader to downgrade to a vulnerable version, leading to...
CVE-2022-22786
The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0, fails to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a user into downgrading...