Part-DB/Part-DB-legacy

Releases27

Frequency4 months 1 week

Last Release over 3 years ago

Stars164

[LEGACY Version] Open Source Electronic Parts Database using PHP and MySQL

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-25432 ↗	Feb 20, 2026Friday, 20 February 2026, 23:15	7.5 HIGH	—
Part-DB 0.4 contains an authentication bypass vulnerability that allows unauthenticated attackers to login by injecting SQL syntax into authentication parameters. Attackers can submit a single quote followed by 'or' in the login form to bypass credential validation and gain unauthorized access to the application.
CVE-2022-0848 ↗	Mar 4, 2022Friday, 4 March 2022, 09:15	9.8 CRITICAL	10 HIGH
OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11.