01 Aoû 2018
CVE-2016-8640 - CVE Vulnerability
A SQL injection vulnerability in pycsw all versions before 2.0.2, 1.10.5 and 1.8.6 that leads to read and extract of any data from any table in the pycsw database that the database user has access to. Also on PostgreSQL (at least) it is possible to perform updates/inserts/deletes and database modifications to any table the database user has access to. (CVSS:0.0) (Last Update:2018-08-01)
Vulnerability Details : A SQL injection vulnerability in pycsw all versions before 2.0.2, 1.10.5 and 1.8.6 that leads to read and extract of any data from any table in the pycsw database that the database user has access to. Also on PostgreSQL (at least) it is possible to perform updates/inserts/deletes and database modifications to any table the database user has access to. Publish Date : 2018-08-01 Last Update Date : 2018-08-01 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2016-8640
- References For CVE-2016-8640
| ||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2016-8640There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |