CVEs-PoC/2017/CVE-2017-16082.md at e7be3f24665f27f4f8a571f070ce04dfd1f54dc4

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-08 22:35:37 +02:00

Files

T

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likely be vulnerable. 1) Executing unsafe, user-supplied sql which contains a malicious column name. 2) Connecting to an untrusted database and executing a query which returns results where any of the column names are malicious.

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Threekiii/Awesome-POC
https://github.com/Threekiii/Vulhub-Reproduce
https://github.com/bakery312/Vulhub-Reproduce
https://github.com/nulldreams/CVE-2017-16082
https://github.com/ossf-cve-benchmark/CVE-2017-16082

1.1 KiB Raw Blame History

CVE-2017-16082

Description

POC

Reference

Github

1.1 KiB

Raw Blame History