Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mysql vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23833
OpenRefine is a free, open source power tool for working with messy data and improving it. A jdbc attack vulnerability exists in OpenRefine(version<=3.7.7) where an attacker may construct a JDBC query which may read files on the host filesystem. Due to the newer MySQL driver l...
NA
CVE-2024-25722
qanything_kernel/connector/database/mysql/mysql_client.py in qanything.ai QAnything prior to 1.2.0 allows SQL Injection.
6.1
CVSSv3
CVE-2024-24574
phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Unsafe echo of filename in phpMyFAQ\phpmyfaq\admin\attachments.php leads to allowed execution of JavaScript code in client side (XSS). This vulnerability has been patched in ver...
Phpmyfaq Phpmyfaq
6.5
CVSSv3
CVE-2024-22208
phpMyFAQ is an Open Source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The 'sharing FAQ' functionality allows any unauthenticated actor to misuse the phpMyFAQ application to send arbitrary emails to a large range of targets. The phpMyFAQ ...
Phpmyfaq Phpmyfaq
6.5
CVSSv3
CVE-2024-22202
phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. phpMyFAQ's user removal page allows an malicious user to spoof another user's detail, and in turn make a compelling phishing case for removing another user's acco...
Phpmyfaq Phpmyfaq
5.5
CVSSv3
CVE-2024-1193
A vulnerability was found in Navicat 12.0.29. It has been rated as problematic. This issue affects some unknown processing of the component MySQL Conecction Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to...
Navicat Navicat 12.0.29
9.8
CVSSv3
CVE-2024-22901
Vinchin Backup & Recovery v7.2 exists to use default MYSQL credentials.
Vinchin Vinchin Backup And Recovery
1 Github repository
6.1
CVSSv3
CVE-2024-24041
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php.
Remyandrade Travel Journal Using Php And Mysql With Source Code 1.0
6.1
CVSSv3
CVE-2024-24945
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Share Your Moments parameter at /travel-journal/write-journal.php.
Remyandrade Travel Journal Using Php And Mysql With Source Code 1.0
6.5
CVSSv3
CVE-2024-22432
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the discl...
Dell Networker
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »