VYPR

Whodb

by Clidey

Source repositories

CVEs (2)

  • CVE-2025-24786Feb 6, 2025
    risk 0.00cvss epss 0.03

    WhoDB is an open source database management tool. While the application only displays Sqlite3 databases present in the directory `/db`, there is no path traversal prevention in place. This allows an unauthenticated attacker to open any Sqlite3 database present on the host…

  • CVE-2025-24787Feb 6, 2025
    risk 0.00cvss epss 0.01

    WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter injection in database connection strings, which allows an attacker to read local files on the machine the application is running on. The application uses string…