GoldenDB
by GoldenDB
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-45558 | Hig | 0.49 | 7.5 | 0.01 | Nov 14, 2023 | An issue in Golden v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token. | ||
| CVE-2025-46578 | Med | 0.42 | 6.5 | 0.00 | Apr 27, 2025 | There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information. | ||
| CVE-2025-46577 | Med | 0.42 | 6.5 | 0.00 | Apr 27, 2025 | There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract database information. | ||
| CVE-2025-46576 | Med | 0.35 | 5.4 | 0.00 | Apr 27, 2025 | There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Attackers can manipulate requests to bypass privilege restrictions and delete content. | ||
| CVE-2025-46575 | Med | 0.32 | 4.9 | 0.00 | Apr 27, 2025 | There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information. | ||
| CVE-2025-46574 | Med | 0.27 | 4.1 | 0.00 | Apr 27, 2025 | There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information. | ||
| CVE-2005-1484 | 0.00 | — | 0.02 | May 11, 2005 | Directory traversal vulnerability in Golden FTP server pro 2.52 allows remote attackers to read arbitrary files via a "\.." (backward slash dot dot) with a leading '"' (double quote) in the GET command. | |||
| CVE-2005-1485 | 0.00 | — | 0.01 | May 11, 2005 | Golden FTP Server Pro 2.52 allows remote attackers to obtain sensitive information via a GET request for a file that does not exist, which reveals the absolute path of the FTP server in the resulting FTP error message. |
- risk 0.49cvss 7.5epss 0.01
An issue in Golden v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token.
- risk 0.42cvss 6.5epss 0.00
There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information.
- risk 0.42cvss 6.5epss 0.00
There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract database information.
- risk 0.35cvss 5.4epss 0.00
There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Attackers can manipulate requests to bypass privilege restrictions and delete content.
- risk 0.32cvss 4.9epss 0.00
There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information.
- risk 0.27cvss 4.1epss 0.00
There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information.
- CVE-2005-1484May 11, 2005risk 0.00cvss —epss 0.02
Directory traversal vulnerability in Golden FTP server pro 2.52 allows remote attackers to read arbitrary files via a "\.." (backward slash dot dot) with a leading '"' (double quote) in the GET command.
- CVE-2005-1485May 11, 2005risk 0.00cvss —epss 0.01
Golden FTP Server Pro 2.52 allows remote attackers to obtain sensitive information via a GET request for a file that does not exist, which reveals the absolute path of the FTP server in the resulting FTP error message.