Every CVE whose affected-product data names Archerydms Archery, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2022-38537 — CVSS 9.8 (critical): Archery v1.4.5 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_file, end_file, start_time, and…
CVE-2022-38538 — CVSS 9.8 (critical): Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module.
CVE-2022-38539 — CVSS 9.8 (critical): Archery v1.7.5 to v1.8.5 was discovered to contain a SQL injection vulnerability via the where parameter at /archive/apply.
CVE-2022-38540 — CVSS 9.8 (critical): Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the create_kill_session…
CVE-2022-38541 — CVSS 9.8 (critical): Archery v1.8.3 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_time and stop_time parameters in…
CVE-2022-38542 — CVSS 9.8 (critical): Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the kill_session interface…
CVE-2023-48053 — CVSS 7.5 (high): Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. This vulnerability can lead to the…
CVE-2023-30553 — CVSS 6.5 (medium): Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an…
CVE-2023-30554 — CVSS 6.5 (medium): Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an…
CVE-2023-30555 — CVSS 6.5 (medium): Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an…
CVE-2023-30556 — CVSS 6.5 (medium): Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an…
CVE-2023-30557 — CVSS 6.5 (medium): Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an…
CVE-2023-30558 — CVSS 6.5 (medium): Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an…
CVE-2023-30605 — CVSS 6.5 (medium): Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an…
CVE-2023-30552 — CVSS 6.5 (medium): Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an…