Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2023-22626

Disclosure Date: January 05, 2023 (last updated February 24, 2025)
PgHero before 3.1.0 allows Information Disclosure via EXPLAIN because query results may be present in an error message. (Depending on database user privileges, this may only be information from the database, or may be information from file contents on the database server.)
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-16253

Disclosure Date: August 05, 2020 (last updated February 21, 2025)
The PgHero gem through 2.6.0 for Ruby allows CSRF.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0