{"vulnerability": "CVE-2025-2478", "sightings": [{"uuid": "444a1753-1113-4029-b953-4d1e112c4ec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24781", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhc4uczjxb2r", "content": "", "creation_timestamp": "2025-02-03T18:03:12.826572Z"}, {"uuid": "bfa15e27-0d81-4b7d-9fbb-7d3d8b901500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24781", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113941416930214873", "content": "", "creation_timestamp": "2025-02-03T18:40:46.890309Z"}, {"uuid": "12a54c90-897e-4d0c-9a1d-dab45f7b9b77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24784", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxuz5cfmi27", "content": "", "creation_timestamp": "2025-01-30T16:16:06.414061Z"}, {"uuid": "d3d7f17f-6aef-49f8-ac6b-5da0be90e645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24786", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lhlxz2f5r527", "content": "", "creation_timestamp": "2025-02-07T16:03:00.778569Z"}, {"uuid": "56e8274c-0797-40b5-b184-c2e374483ee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24787", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhk4kp2b5d2v", "content": "", "creation_timestamp": "2025-02-06T22:19:06.412560Z"}, {"uuid": "f6b71e4a-490e-4512-bb8f-257a9a69541e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24786", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhjscr5sef27", "content": "", "creation_timestamp": "2025-02-06T19:15:42.755745Z"}, {"uuid": "f3fc4b91-fa9a-4f56-9a9d-1856b077deea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24787", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhjscu4xap2t", "content": "", "creation_timestamp": "2025-02-06T19:15:45.910360Z"}, {"uuid": "21ed26a0-50c8-487c-99ea-d69e8b1e1840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24786", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhk4kpeibe23", "content": "", "creation_timestamp": "2025-02-06T22:19:07.212472Z"}, {"uuid": "a25211eb-a445-489b-8000-bf13c580213a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24781", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhbtovzzt52f", "content": "", "creation_timestamp": "2025-02-03T15:19:06.283319Z"}, {"uuid": "23ce0b09-b677-49c0-90fb-3180338250dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24783", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113900872176957075", "content": "", "creation_timestamp": "2025-01-27T14:49:43.186826Z"}, {"uuid": "6c312052-dfe6-40ce-96cb-d706f099ffca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24783", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113900885050035645", "content": "", "creation_timestamp": "2025-01-27T14:52:59.622313Z"}, {"uuid": "8245c8dc-fa6c-4811-94da-f5fbdbc354cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24786", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113958906157375278", "content": "", "creation_timestamp": "2025-02-06T20:48:32.020181Z"}, {"uuid": "c90ba124-c4d9-4bf2-a255-ed9259a49208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24787", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113958906224442470", "content": "", "creation_timestamp": "2025-02-06T20:48:34.292173Z"}, {"uuid": "8c87ccd6-08f8-4a58-bfc3-a3d84243228d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24786", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lhlsgiq4cz2p", "content": "", "creation_timestamp": "2025-02-07T14:23:10.257958Z"}, {"uuid": "3a2fb164-7923-4894-992f-dcacc7a4363e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24789", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113912895243480427", "content": "", "creation_timestamp": "2025-01-29T17:47:20.513987Z"}, {"uuid": "e4e5a4d6-ad09-4490-a010-92049eb3429a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24782", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgqadpootx2j", "content": "", "creation_timestamp": "2025-01-27T15:17:34.157811Z"}, {"uuid": "43cabd22-db01-4ab7-8246-1cc716f316fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24789", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgvojt27bb2h", "content": "", "creation_timestamp": "2025-01-29T19:14:50.911778Z"}, {"uuid": "df2ebe7d-88bd-4102-b32c-afa83a3a7218", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24783", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgqads4wcm2t", "content": "", "creation_timestamp": "2025-01-27T15:17:36.673405Z"}, {"uuid": "50cfeec4-40c3-4e66-a43e-e02c67629d48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24789", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgvlavortv2c", "content": "", "creation_timestamp": "2025-01-29T18:16:09.639761Z"}, {"uuid": "55e834e7-e755-4eb7-b9b8-219b644cd65f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24788", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113913533921377180", "content": "", "creation_timestamp": "2025-01-29T20:29:46.350638Z"}, {"uuid": "8c28c9a3-cc8b-47a5-8854-72dde769dd02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24787", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113958415500125710", "content": "", "creation_timestamp": "2025-02-06T18:43:44.491456Z"}, {"uuid": "9b8ed1ae-beb3-440a-abca-6083017ffb9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24786", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113958415485426001", "content": "", "creation_timestamp": "2025-02-06T18:43:44.278765Z"}, {"uuid": "c706106b-aedc-40ae-b006-e31802ed5ffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24781", "type": "seen", "source": "MISP/f7787455-9994-4047-b6f7-77347597c104", "content": "", "creation_timestamp": "2025-08-26T18:36:19.000000Z"}, {"uuid": "fab00581-8057-472e-b99d-cd0eccef7398", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24788", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgvvbtufk52e", "content": "", "creation_timestamp": "2025-01-29T21:15:38.553965Z"}, {"uuid": "2b6adad9-7132-45a9-b9ce-ecfed1efde7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-24786", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lhsbl37x4s2f", "content": "", "creation_timestamp": "2025-02-10T04:10:09.616034Z"}, {"uuid": "7da59c29-cbaa-432f-a4de-1734f7aaae58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-24787", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lhsbl37x4s2f", "content": "", "creation_timestamp": "2025-02-10T04:10:09.672495Z"}, {"uuid": "c638ddca-80f5-468c-9092-04939c333598", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24786", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lhscm5xcrk2m", "content": "", "creation_timestamp": "2025-02-10T04:28:41.475935Z"}, {"uuid": "894f25b0-6098-461e-abd5-5f75e9aa9b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24787", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lhscm5xcrk2m", "content": "", "creation_timestamp": "2025-02-10T04:28:41.533351Z"}, {"uuid": "b297acbf-4690-4ab0-845b-d475da2f1b3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24785", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lp5ci25te42r", "content": "", "creation_timestamp": "2025-05-14T15:21:56.379462Z"}, {"uuid": "7654e29b-5351-4386-bdb9-199d23f40f5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24783", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lgqf4kmuxv23", "content": "", "creation_timestamp": "2025-01-27T16:43:02.568838Z"}, {"uuid": "dd6b3936-6cd3-4a0b-915f-6098cacc652e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2478", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkx7uzccjv26", "content": "", "creation_timestamp": "2025-03-22T07:38:50.682321Z"}, {"uuid": "dde1afaf-6154-4c95-83ea-3f7fd25b250c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24786", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-24786.yaml", "content": "", "creation_timestamp": "2026-02-01T20:46:40.000000Z"}, {"uuid": "e6fac422-df09-4357-a32e-a9756d99e253", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24786", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mdyb3p3drs24", "content": "", "creation_timestamp": "2026-02-03T21:02:56.453298Z"}, {"uuid": "4ebd7a10-25d7-43e0-89ac-72af92102696", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24787", "type": "seen", "source": "https://t.me/cvedetector/17427", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24787 - WhoDB MySQL File Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24787 \nPublished : Feb. 6, 2025, 7:15 p.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter injection in database connection strings, which allows an attacker to read local files on the machine the application is running on. The application uses string concatenation to build database connection URIs which are then passed to corresponding libraries responsible for setting up the database connections. This string concatenation is done unsafely and without escaping or encoding the user input. This allows an user, in many cases, to inject arbitrary parameters into the URI string. These parameters can be potentially dangerous depending on the libraries used. One of these dangerous parameters is `allowAllFiles` in the library `github.com/go-sql-driver/mysql`. Should this be set to `true`, the library enables running the `LOAD DATA LOCAL INFILE` query on any file on the host machine (in this case, the machine that WhoDB is running on). By injecting `&allowAllFiles=true` into the connection URI and connecting to any MySQL server (such as an attacker-controlled one), the attacker is able to read local files. This issue has been addressed in version 0.45.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-06T21:55:35.000000Z"}, {"uuid": "08d15040-ad5a-403c-b47f-cddaaaac4f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24782", "type": "seen", "source": "Telegram/uVzfu-Fjnbs-4AmfjjumtZTIGvEZepB3bI9F9_pI5TJkXUM", "content": "", "creation_timestamp": "2026-04-01T21:28:09.000000Z"}, {"uuid": "7a4a88a8-d8b9-4763-bffe-cc8c78aef47c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24786", "type": "seen", "source": "https://t.me/cvedetector/17426", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24786 - WhoDB Path Traversal SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24786 \nPublished : Feb. 6, 2025, 7:15 p.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : WhoDB is an open source database management tool. While the application only displays Sqlite3 databases present in the directory `/db`, there is no path traversal prevention in place. This allows an unauthenticated attacker to open any Sqlite3 database present on the host machine that the application is running on. Affected versions of WhoDB allow users to connect to Sqlite3 databases. By default, the databases must be present in `/db/` (or alternatively `./tmp/` if development mode is enabled).  If no databases are present in the default directory, the UI indicates that the user is unable to open any databases. The database file is an user-controlled value. This value is used in `.Join()` with the default directory, in order to get the full path of the database file to open. No checks are performed whether the database file that is eventually opened actually resides in the default directory `/db`. This allows an attacker to use path traversal (`../../`) in order to open any Sqlite3 database present on the system. This issue has been addressed in version 0.45.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-06T21:55:31.000000Z"}, {"uuid": "084948f0-fd85-4328-ba57-cc3702a9c470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24789", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3381", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24789\n\ud83d\udd25 CVSS Score: 7.7 (CVSS_V3)\n\ud83d\udd39 Description: ### Issue\nSnowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. When the EXTERNALBROWSER authentication method is used on Windows, an attacker with write access to a directory in the %PATH% can escalate their privileges to the user that runs the vulnerable JDBC Driver version.\n\nThis vulnerability affects versions 3.2.3 through 3.21.0 on Windows. Snowflake fixed the issue in version 3.22.0.\n\n### Vulnerability Details\nWhen the EXTERNALBROWSER authentication method is selected, the Snowflake JDBC Driver on non-macOS operating systems tries to open the SSO URL using xdg-open. Because xdg-open is a Linux program that doesn\u2019t exist in a default Windows installation, a sufficiently privileged attacker could place a malicious executable in one of the directories on the %PATH% and achieve local privilege escalation to the user running the JDBC Driver.\n\n### Solution\nSnowflake released version 3.22.0 of the Snowflake JDBC Driver, which fixes this issue. We recommend users upgrade to version 3.22.0.\n\n### Additional Information\nIf you discover a security vulnerability in one of our products or websites, please report the issue to HackerOne. For more information, please see our [Vulnerability Disclosure Policy](https://hackerone.com/snowflake?type=team).\n\ud83d\udccf Published: 2025-01-29T18:41:57Z\n\ud83d\udccf Modified: 2025-01-29T18:41:57Z\n\ud83d\udd17 References:\n1. https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-7hpq-3g6w-pvhf\n2. https://nvd.nist.gov/vuln/detail/CVE-2025-24789\n3. https://github.com/snowflakedb/snowflake-jdbc/commit/4f01bb8f9b708c71e7a2111c87371dbfc1d53dd6\n4. https://github.com/snowflakedb/snowflake-jdbc", "creation_timestamp": "2025-01-29T19:11:17.000000Z"}, {"uuid": "7198e437-2999-41d7-a0b2-6b2b2898f386", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24787", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3802", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24787\n\ud83d\udd25 CVSS Score: 8.7 (CVSS_V3)\n\ud83d\udd39 Description: ### Summary\n\nThe application is vulnerable to parameter injection in database connection strings, which allows an attacker to read local files on the machine the application is running on.\n\n### Details\n\nThe application uses string concatenation to build database connection URIs which are then passed to corresponding libraries responsible for setting up the database connections.\n\nThis string concatenation is done unsafely and without escaping or encoding the user input. This allows an user, in many cases, to inject arbitrary parameters into the URI string. These parameters can be potentially dangerous depending on the libraries used.\n\nOne of these dangerous parameters is `allowAllFiles` in the library `github.com/go-sql-driver/mysql`. Should this be set to `true`, the library enables running the `LOAD DATA LOCAL INFILE` query on any file on the host machine (in this case, the machine that WhoDB is running on). Source: https://github.com/go-sql-driver/mysql/blob/7403860363ca112af503b4612568c3096fecb466/infile.go#L128\n\nBy injecting `&allowAllFiles=true` into the connection URI and connecting to any MySQL server (such as an attacker-controlled one), the attacker is able to read local files.\n\n### PoC\n\nAs this vulnerability does not require sending requests manually and can all be done using the WhoDB UI, screenshots are provided instead of HTTP requests.\n\nFor this proof-of-concept, a clean instance of WhoDB and MySQL were set up using podman (docker is a suitable alternative):\n\n```\npodman network create whodb-poc\npodman run -d -p 8080:8080 --network whodb-poc docker.io/clidey/whodb\npodman run -d --name mysql -e MYSQL_ROOT_PASSWORD=password --network whodb-poc docker.io/mysql:9\n```\n\nThe attacker connects to the database via WhoDB. Note that in the `Loc` field, the string `&allowAllFiles=true` is inserted:\n\n![2025-01-21-13-28-08](https://github.com/user-attachments/assets/28709707-97e4-4d26-b61c-5462db6dd43f)\n\nAfter connecting, the attacker navigates to the scratchpad in `/scratchpad`.\n\nThe attacker first creates a demo table:\n```sql\nCREATE TABLE poc (\n    line TEXT\n);\n```\n\nThe attacker then enables loading files from the server side. For the sake of clarity, do note that while this is required, the file is not being read from the remote server where MySQL is running, but the local machine that WhoDB is running on.\n```sql\nSET GLOBAL local_infile=1;\n```\n\nThe attacker then uses the `LOAD DATA LOCAL INFILE` statement to read the contents of `/etc/passwd` (in this case from inside the container where WhoDB is running) into the previously created table:\n```sql\nLOAD DATA LOCAL INFILE '/etc/passwd'\nINTO TABLE poc\nFIELDS TERMINATED BY '\\0'\nLINES TERMINATED BY '\\n';\n```\n\nThe attacker then navigates to the `poc` table in the _Tables_ view and observes that the file has been read successfully:\n\n![2025-01-21-14-04-47](https://github.com/user-attachments/assets/c8f499ce-0d40-49ba-a2c6-fe2d12c677c5)\n\n### Impact\n\nWhile this proof-of-concept demonstrates local file inclusion, the root cause of the issue is the unsafe construction of database connection URIs from user input. Not all database connector libraries used in WhoDB were inspected; there may be libraries which allow for even more impactful parameters.\n\nThe attack requires no user authentication to WhoDB (only authentication to any database server, such as an attacker-controlled one) and no special configuration - the default configuration of the application is vulnerable.\n\ud83d\udccf Published: 2025-02-06T19:58:37Z\n\ud83d\udccf Modified: 2025-02-07T17:35:21Z\n\ud83d\udd17 References:\n1. https://github.com/clidey/whodb/security/advisories/GHSA-c7w4-9wv8-7x7c\n2. https://nvd.nist.gov/vuln/detail/CVE-2025-24787\n3. https://github.com/clidey/whodb/commit/8d67b767e00552e5eba2b1537179b74bfa662ee1\n4. https://github.com/clidey/whodb\n5. https://github.com/go-sql-driver/mysql/blob/7403860363ca112af503b4612568c3096fecb466/infile.go#L128", "creation_timestamp": "2025-02-07T18:03:02.000000Z"}, {"uuid": "67e38505-aa33-4f7e-a5b2-dd329bee14f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24788", "type": "seen", "source": "https://t.me/cvedetector/16703", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24788 - Snowflake Connector for .NET File Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24788 \nPublished : Jan. 29, 2025, 9:15 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on the same machine. This vulnerability affects versions 2.0.12 through 4.2.0 on Linux and macOS. Snowflake fixed the issue in version 4.3.0. \nSeverity: 5.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-30T00:02:54.000000Z"}, {"uuid": "e0f84701-73b7-4873-ad9d-40e3e44ad76b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24784", "type": "seen", "source": "https://t.me/cvedetector/16791", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24784 - \"Kubewarden-controller AdmissionPolicyGroup Context Aware Policy Escalation\"\", \n  \"Content\": \"CVE ID : CVE-2025-24784 \nPublished : Jan. 30, 2025, 4:15 p.m. | 48\u00a0minutes ago \nDescription : kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it\u2019s considered safe to allow non-admin users to create and manage these resources in the namespaces they own. Kubewarden policies can be allowed to query the Kubernetes API at evaluation time; these types of policies are called \u201ccontext aware\u201c. Context aware policies can perform list and get operations against a Kubernetes cluster. The queries are done using the ServiceAccount of the Policy Server instance that hosts the policy. That means that access to the cluster is determined by the RBAC rules that apply to that ServiceAccount. The AdmissionPolicyGroup CRD allowed the deployment of context aware policies. This could allow an attacker to obtain information about resources that are out of their reach, by leveraging a higher access to the cluster granted to the ServiceAccount token used to run the policy. The impact of this vulnerability depends on the privileges that have been granted to the ServiceAccount used to run the Policy Server and assumes that users are using the recommended best practices of keeping the Policy Server's ServiceAccount least privileged. By default, the Kubewarden helm chart grants access to the following resources (cluster wide) only: Namespace, Pod, Deployment and Ingress. This vulnerability is fixed in 1.21.0. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-30T18:26:52.000000Z"}, {"uuid": "d5cd88ca-59cb-47a7-9415-cc5ba523ffd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24789", "type": "seen", "source": "https://t.me/cvedetector/16700", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24789 - Snowflake JDBC Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24789 \nPublished : Jan. 29, 2025, 6:15 p.m. | 2\u00a0hours, 6\u00a0minutes ago \nDescription : Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. When the EXTERNALBROWSER authentication method is used on Windows, an attacker with write access to a directory in the %PATH% can escalate their privileges to the user that runs the vulnerable JDBC Driver version. This vulnerability affects versions 3.2.3 through 3.21.0 on Windows. Snowflake fixed the issue in version 3.22.0. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-29T21:32:23.000000Z"}, {"uuid": "9f9b15a1-6a54-47f6-aafe-1dc6166b34f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2478", "type": "seen", "source": "https://t.me/cvedetector/20862", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2478 - WordPress Code Clone SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2478 \nPublished : March 22, 2025, 7:15 a.m. | 1\u00a0hour, 56\u00a0minutes ago \nDescription : The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018snippetId\u2019 parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. \nSeverity: 4.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-22T10:22:33.000000Z"}, {"uuid": "158a6855-50b7-40e6-8040-caf877857eb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24782", "type": "seen", "source": "https://t.me/cvedetector/16475", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24782 - Wpwax Post Grid, Slider & Carousel Ultimate Remote File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24782 \nPublished : Jan. 27, 2025, 3:15 p.m. | 1\u00a0hour, 18\u00a0minutes ago \nDescription : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpWax Post Grid, Slider & Carousel Ultimate allows PHP Local File Inclusion. This issue affects Post Grid, Slider & Carousel Ultimate: from n/a through 1.6.10. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-27T17:40:33.000000Z"}, {"uuid": "b9b188c4-fdb4-45b3-a61a-7f5a85af7d2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24783", "type": "seen", "source": "https://t.me/cvedetector/16473", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24783 - Apache Cocoon Pseudo-Random Number Generator (PRNG) Unpredictable Seed Guessability vulnerability.\", \n  \"Content\": \"CVE ID : CVE-2025-24783 \nPublished : Jan. 27, 2025, 3:15 p.m. | 1\u00a0hour, 18\u00a0minutes ago \nDescription : ** UNSUPPORTED WHEN ASSIGNED ** Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Apache Cocoon.  \n  \nThis issue affects Apache Cocoon: all versions.  \n  \nWhen a continuation is created, it gets a random identifier. Because the random number generator used to generate these identifiers was seeded with the startup time, it may not have been sufficiently unpredictable, and an attacker could use this to guess continuation ids and look up continuations they should not have had access to.  \n  \nAs a mitigation, you may enable the \"session-bound-continuations\" option to make sure continuations are not shared across sessions.  \n  \n  \nAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.  \n  \nNOTE: This vulnerability only affects products that are no longer supported by the maintainer. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-27T17:40:28.000000Z"}, {"uuid": "8ce06e27-d433-4bea-98a2-fe93ea3721bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24781", "type": "seen", "source": "https://t.me/cvedetector/17062", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24781 - WordPress Job Board Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-24781 \nPublished : Feb. 3, 2025, 3:15 p.m. | 1\u00a0hour, 21\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WPJobBoard allows Reflected XSS. This issue affects WPJobBoard: from n/a through 5.10.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-03T17:48:39.000000Z"}, {"uuid": "0ba9d38c-fe37-4d66-81b6-244620af0883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-24786", "type": "published-proof-of-concept", "source": "https://github.com/clidey/whodb/security/advisories/GHSA-9r4c-jwx3-3j76", "content": "", "creation_timestamp": "2025-02-06T18:32:11.000000Z"}, {"uuid": "87208a51-e8f7-4429-b927-ad5e4ad851c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24789", "type": "published-proof-of-concept", "source": "Telegram/dK9dkTvrn0tRhifIhon0dteFOucmqsRcjgBlg32fakAqe48", "content": "", "creation_timestamp": "2025-01-29T20:30:24.000000Z"}, {"uuid": "3d6dff64-115a-43d2-ab39-ddb6bacc4747", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24786", "type": "published-proof-of-concept", "source": "Telegram/62ADuuFkUh-GLH8SzGnVJ7_7GwT3veD_kQ_-knb1-PeB1sA", "content": "", "creation_timestamp": "2025-02-06T21:00:33.000000Z"}, {"uuid": "8ed331df-44f1-4877-9948-ae081761ccaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24787", "type": "published-proof-of-concept", "source": "Telegram/62ADuuFkUh-GLH8SzGnVJ7_7GwT3veD_kQ_-knb1-PeB1sA", "content": "", "creation_timestamp": "2025-02-06T21:00:33.000000Z"}, {"uuid": "b43038d1-0c66-48c4-851a-447e582912e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-24787", "type": "published-proof-of-concept", "source": "https://github.com/clidey/whodb/security/advisories/GHSA-c7w4-9wv8-7x7c", "content": "", "creation_timestamp": "2025-02-06T18:32:31.000000Z"}]}