Greensql : Security Vulnerabilities, CVEs,

CVE-2007-5059

Multiple cross-site scripting (XSS) vulnerabilities in GreenSQL allow remote attackers to inject arbitrary web script or HTML via several vectors, as demonstrated by the (1) uname and (2) pass parameters in a login form, and (3) an unspecified "url value," leading to storage of XSS sequences in the database and display of these sequences in the alert section of the admin panel.
Max CVSS
4.3
EPSS Score
0.26%
Published
2007-09-24
Updated
2018-10-15

CVE-2008-6416

Multiple cross-site scripting (XSS) vulnerabilities in GreenSQL-Console before 0.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "internal pages."
Max CVSS
4.3
EPSS Score
0.22%
Published
2009-03-06
Updated
2017-08-17

CVE-2008-6417

Unspecified vulnerability in GreenSQL-Console before 0.3.5 allows attackers to obtain the "installation directory" via unknown vectors.
Max CVSS
5.0
EPSS Score
0.18%
Published
2009-03-06
Updated
2017-08-17

CVE-2008-6992

GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL.
Max CVSS
7.5
EPSS Score
0.83%
Published
2009-08-19
Updated
2009-08-19

CVE-2008-7229

GreenSQL Firewall (greensql-fw) before 0.9.2 allows remote attackers to bypass SQL injection protection via a crafted string, possibly involving an encoded space character (%20).
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-09-14
Updated
2009-09-14
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close