Databasir v1.0.7 was discovered to contain a remote code execution (RCE) vulnerability via the mockDataScript...
9.8CVSS
9.8AI Score
0.007EPSS
Databasir is a database metadata management platform. Databasir <= 1.06 has Server-Side Request Forgery (SSRF) vulnerability. The SSRF is triggered by a sending a single HTTP POST request to create a databaseType. By supplying a jdbcDriverFileUrl that returns a non 200 response code, the url is....
7.5CVSS
7.5AI Score
0.001EPSS
Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has remote code execution vulnerability. JDBC drivers are not validated prior to use and may be provided by users of the system. This can lead to code execution by any basic user who has access to...
8.8CVSS
9AI Score
0.007EPSS
Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Server-Side Request Forgery vulnerability. During the download verification process of a JDBC driver the corresponding JDBC driver download address will be downloaded first, but this address...
7.7CVSS
7.5AI Score
0.001EPSS
Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Use of Hard-coded Cryptographic Key vulnerability. An attacker can use hard coding to generate login credentials of any user and log in to the service background located at different IP...
9.8CVSS
9.3AI Score
0.006EPSS