Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
NocodbNocodb

3 matches found

CVE
CVEadded 2025/03/06 7:15 p.m.92 views

CVE-2025-27506

NocoDB is software for building databases as spreadsheets. The API endpoint related to the password reset function is vulnerable to Reflected Cross-Site-Scripting. The endpoint /api/v1/db/auth/password/reset/:tokenId is vulnerable to Reflected Cross-Site-Scripting. The flaw occurs due to implementa...

6.1CVSS7.2AI score0.00042EPSS
Web
CVE
CVEadded 2023/10/17 9:15 p.m.71 views

CVE-2023-43794

Nocodb is an open source Airtable alternative. Affected versions of nocodb contain a SQL injection vulnerability, that allows an authenticated attacker with creator access to query the underlying database. By supplying a specially crafted payload to the given an attacker can inject arbitrary SQL qu...

6.5CVSS5.9AI score0.00225EPSS
CVE
CVEadded 2024/05/14 2:17 p.m.56 views

CVE-2023-50718

NocoDB is software for building databases as spreadsheets. Prior to version 0.202.10, an authenticated attacker with create access could conduct a SQL Injection attack on MySQL DB using unescaped table_name. This vulnerability may result in leakage of sensitive data in the database. Version 0.202.1...

6.5CVSS6.6AI score0.0017EPSS