Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ClideyWhodb

2 matches found

CVE
CVEadded 2025/02/06 7:15 p.m.93 views

CVE-2025-24786

WhoDB is an open source database management tool. While the application only displays Sqlite3 databases present in the directory /db, there is no path traversal prevention in place. This allows an unauthenticated attacker to open any Sqlite3 database present on the host machine that the application...

10CVSS9.5AI score0.0038EPSS
CVE
CVEadded 2025/02/06 7:15 p.m.56 views

CVE-2025-24787

WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter injection in database connection strings, which allows an attacker to read local files on the machine the application is running on. The application uses string concatenation to build d...

8.6CVSS8.5AI score0.00079EPSS