Archerydms

Archery

15 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-48053

  • EPSS 0.16%
  • Published 16.11.2023 18:15:07
  • Last modified 21.11.2024 08:31:02

Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. This vulnerability can lead to the disclosure of information and communications.

6.5

CVE-2023-30552

Exploit
  • EPSS 0.75%
  • Published 19.04.2023 00:15:09
  • Last modified 21.11.2024 08:00:24

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the `sql/instance.py` en...

6.5

CVE-2023-30553

Exploit
  • EPSS 0.75%
  • Published 19.04.2023 00:15:09
  • Last modified 21.11.2024 08:00:24

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to multiple SQL injections in the `sql_api/a...

6.5

CVE-2023-30554

Exploit
  • EPSS 0.33%
  • Published 19.04.2023 00:15:09
  • Last modified 21.11.2024 08:00:24

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the `sql_api/api_workflo...

6.5

CVE-2023-30555

Exploit
  • EPSS 0.75%
  • Published 19.04.2023 00:15:09
  • Last modified 21.11.2024 08:00:25

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases.Affected versions are subject to SQL injection in the `explain` method in `...

6.5

CVE-2023-30556

Exploit
  • EPSS 0.33%
  • Published 19.04.2023 00:15:09
  • Last modified 21.11.2024 08:00:25

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the `optimize_sqltuninga...

6.5

CVE-2023-30557

Exploit
  • EPSS 1.01%
  • Published 19.04.2023 00:15:09
  • Last modified 21.11.2024 08:00:25

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the `data_dictionary.py`...

6.5

CVE-2023-30558

Exploit
  • EPSS 0.75%
  • Published 19.04.2023 00:15:09
  • Last modified 21.11.2024 08:00:25

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. User input coming from the `db_name` in the `sql/data_dictionary.py` `tabl...

6.5

CVE-2023-30605

Exploit
  • EPSS 0.75%
  • Published 19.04.2023 00:15:09
  • Last modified 21.11.2024 08:00:29

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. User input coming from the `variable_name` and `variable_value` parameter ...

9.8

CVE-2022-38538

  • EPSS 0.31%
  • Published 13.09.2022 15:15:09
  • Last modified 21.11.2024 07:16:38

Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module.