Description
PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1.
Remediation
References
Related Vulnerabilities
WordPress Plugin Responsive Gallery Grid Cross-Site Scripting (2.3.8)
Oracle Application Server Other Vulnerability (CVE-2006-5362)
UAParser.js Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25927)
WordPress Plugin Form Builder-Create Responsive Contact Forms Cross-Site Scripting (1.9.8.4)