Archery@* Security Vulnerabilities and Issues — Archery@* CVE List

Lucene search

ArcherydmsArchery*

6 matches found

CVE•added 2022/09/13 3:15 p.m.•48 views

CVE-2022-38542

Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the kill_session interface. The project has released an update, please upgrade to v1.9.0 and above.

9.8CVSS9.8AI score0.00094EPSS

CVE•added 2022/09/13 3:15 p.m.•47 views

CVE-2022-38540

Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the create_kill_session interface.

9.8CVSS9.8AI score0.00094EPSS

CVE•added 2022/09/13 3:15 p.m.•44 views

CVE-2022-38537

Archery v1.4.5 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_file, end_file, start_time, and stop_time parameters in the binlog2sql interface.

9.8CVSS10AI score0.00094EPSS

CVE•added 2022/09/13 3:15 p.m.•43 views

CVE-2022-38541

Archery v1.8.3 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_time and stop_time parameters in the my2sql interface.

9.8CVSS10AI score0.00094EPSS

CVE•added 2022/09/13 3:15 p.m.•41 views

CVE-2022-38538

Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module.

9.8CVSS9.8AI score0.00094EPSS

CVE•added 2022/09/13 3:15 p.m.•33 views

CVE-2022-38539

Archery v1.7.5 to v1.8.5 was discovered to contain a SQL injection vulnerability via the where parameter at /archive/apply.

9.8CVSS9.8AI score0.00094EPSS