dbsyncer_project dbsyncer CVE Vulnerabilities (2)

CVEs: 2 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting dbsyncer_project dbsyncer (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 12 of 2 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2025-45237 Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password. [email protected] 7.5 0.38% 2025-05-05 2026-06-17
CVE-2025-45236 A stored cross-site scripting (XSS) vulnerability in the Edit Profile feature of DBSyncer v2.0.6 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Nickname parameter. [email protected] 5.4 0.26% 2025-05-05 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence