Vulnerabilities > Archerydms

DATE CVE VULNERABILITY TITLE RISK
2023-11-16 CVE-2023-48053 Use of Hard-coded Credentials vulnerability in Archerydms Archery 1.9.0
Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption.
network
low complexity
archerydms CWE-798
7.5
2023-04-19 CVE-2023-30552 SQL Injection vulnerability in Archerydms Archery 1.9.0
Archery is an open source SQL audit platform.
network
low complexity
archerydms CWE-89
6.5
2023-04-19 CVE-2023-30553 SQL Injection vulnerability in Archerydms Archery 1.9.0
Archery is an open source SQL audit platform.
network
low complexity
archerydms CWE-89
6.5
2023-04-19 CVE-2023-30554 SQL Injection vulnerability in Archerydms Archery 1.9.0
Archery is an open source SQL audit platform.
network
low complexity
archerydms CWE-89
6.5
2023-04-19 CVE-2023-30555 SQL Injection vulnerability in Archerydms Archery 1.9.0
Archery is an open source SQL audit platform.
network
low complexity
archerydms CWE-89
6.5
2023-04-19 CVE-2023-30556 SQL Injection vulnerability in Archerydms Archery 1.9.0
Archery is an open source SQL audit platform.
network
low complexity
archerydms CWE-89
6.5
2023-04-19 CVE-2023-30557 SQL Injection vulnerability in Archerydms Archery 1.9.0
Archery is an open source SQL audit platform.
network
low complexity
archerydms CWE-89
6.5
2022-09-13 CVE-2022-38537 SQL Injection vulnerability in Archerydms Archery
Archery v1.4.5 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_file, end_file, start_time, and stop_time parameters in the binlog2sql interface.
network
low complexity
archerydms CWE-89
critical
9.8
2022-09-13 CVE-2022-38538 SQL Injection vulnerability in Archerydms Archery
Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module.
network
low complexity
archerydms CWE-89
critical
9.8
2022-09-13 CVE-2022-38539 SQL Injection vulnerability in Archerydms Archery
Archery v1.7.5 to v1.8.5 was discovered to contain a SQL injection vulnerability via the where parameter at /archive/apply.
network
low complexity
archerydms CWE-89
critical
9.8