cve/CVE-2017-16082.md at 9cc2023bd8dbe0ab8c5f051fa9a43f1e04594987

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likely be vulnerable. 1) Executing unsafe, user-supplied sql which contains a malicious column name. 2) Connecting to an untrusted database and executing a query which returns results where any of the column names are malicious.

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Threekiii/Awesome-POC
https://github.com/Threekiii/Vulhub-Reproduce
https://github.com/bakery312/Vulhub-Reproduce
https://github.com/nulldreams/CVE-2017-16082
https://github.com/ossf-cve-benchmark/CVE-2017-16082

1.1 KiB Raw Blame History

CVE-2017-16082

Description

POC

Reference

Github

1.1 KiB

Raw Blame History