Skip to main content

Pghero

2 CVEs product

Monthly

CVE-2023-22626 Ruby HIGH POC PATCH This Week

PgHero before 3.1.0 allows Information Disclosure via EXPLAIN because query results may be present in an error message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pghero
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2020-16253 Ruby HIGH PATCH This Week

The PgHero gem through 2.6.0 for Ruby allows CSRF. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Pghero
NVD GitHub
CVSS 3.1
8.1
EPSS
0.5%
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

PgHero before 3.1.0 allows Information Disclosure via EXPLAIN because query results may be present in an error message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pghero
NVD GitHub
EPSS 0% CVSS 8.1
HIGH PATCH This Week

The PgHero gem through 2.6.0 for Ruby allows CSRF. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Pghero
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy