Archerydms

Archery

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-48053

  • EPSS 0.16%
  • Veröffentlicht 16.11.2023 18:15:07
  • Zuletzt bearbeitet 21.11.2024 08:31:02

Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. This vulnerability can lead to the disclosure of information and communications.

6.5

CVE-2023-30552

Exploit
  • EPSS 0.75%
  • Veröffentlicht 19.04.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 08:00:24

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the `sql/instance.py` en...

6.5

CVE-2023-30553

Exploit
  • EPSS 0.75%
  • Veröffentlicht 19.04.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 08:00:24

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to multiple SQL injections in the `sql_api/a...

6.5

CVE-2023-30554

Exploit
  • EPSS 0.33%
  • Veröffentlicht 19.04.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 08:00:24

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the `sql_api/api_workflo...

6.5

CVE-2023-30555

Exploit
  • EPSS 0.75%
  • Veröffentlicht 19.04.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 08:00:25

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases.Affected versions are subject to SQL injection in the `explain` method in `...

6.5

CVE-2023-30556

Exploit
  • EPSS 0.33%
  • Veröffentlicht 19.04.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 08:00:25

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the `optimize_sqltuninga...

6.5

CVE-2023-30557

Exploit
  • EPSS 1.01%
  • Veröffentlicht 19.04.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 08:00:25

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the `data_dictionary.py`...

6.5

CVE-2023-30558

Exploit
  • EPSS 0.75%
  • Veröffentlicht 19.04.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 08:00:25

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. User input coming from the `db_name` in the `sql/data_dictionary.py` `tabl...

6.5

CVE-2023-30605

Exploit
  • EPSS 0.75%
  • Veröffentlicht 19.04.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 08:00:29

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. User input coming from the `variable_name` and `variable_value` parameter ...

9.8

CVE-2022-38538

  • EPSS 0.31%
  • Veröffentlicht 13.09.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 07:16:38

Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module.