← Back

Pghero

pghero

Vendor: Pghero Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-22626
1Pghero Project
1Pghero
Jun 17, 2026
Jan 5, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
PgHero before 3.1.0 allows Information Disclosure via EXPLAIN because query results may be present in an error message. (Depending on database user privileges, this may only be information from the database, or may be in...Show more
PgHero before 3.1.0 allows Information Disclosure via EXPLAIN because query results may be present in an error message. (Depending on database user privileges, this may only be information from the database, or may be information from file contents on the database server.)Show less
CVE-2020-16253
1Pghero Project
1Pghero
Jun 17, 2026
Aug 5, 2020
N/A· v4
8.1 HIGH· v3
5.8 MEDIUM· v2
The PgHero gem through 2.6.0 for Ruby allows CSRF.