CVE-2025-9148

A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. This affects an unknown function of the file ai/chat2db/server/web/api/controller/data/source/DataSourceController.java of the component JDBC Connection Handler. The manipulation results in sql injection. The attack can be executed...

CVE-2025-9148

A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. This affects an unknown function of the file ai/chat2db/server/web/api/controller/data/source/DataSourceController.java of the component JDBC Connection Handler. The manipulation results in sql injection. The attack can be executed...

CVE-2025-9148 CodePhiliaX Chat2DB JDBC Connection DataSourceController.java sql injection

A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. This affects an unknown function of the file ai/chat2db/server/web/api/controller/data/source/DataSourceController.java of the component JDBC Connection Handler. The manipulation results in sql injection. The attack can be executed...

CVE-2025-9148 CodePhiliaX Chat2DB JDBC Connection DataSourceController.java sql injection

A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. This affects an unknown function of the file ai/chat2db/server/web/api/controller/data/source/DataSourceController.java of the component JDBC Connection Handler. The manipulation results in sql injection. The attack can be executed...

CVE-2025-9148

CVE-2025-9148 affects CodePhiliaX Chat2DB up to 0.3.7, specifically the JDBC Connection Handler’s DataSourceController.java. The vulnerability is a SQL injection in an unknown function of that file, enabling remote exploitation. Public exploits have been disclosed. Multiple sources corroborate re...

PT-2025-33817 · Unknown · Codephiliax Chat2Db

Name of the Vulnerable Software and Affected Versions: CodePhiliaX Chat2DB versions through 0.3.7 Description: A SQL injection issue exists in the JDBC Connection Handler component of CodePhiliaX Chat2DB. The issue affects an unknown function within the...

CodePhiliaX Chat2DB 注入漏洞

CodePhiliaX Chat2DB is an AI-driven SQL client from CodePhiliaX open source. CodePhiliaX Chat2DB 0.3.7 and earlier versions have an injection vulnerability that stems from a SQL injection vulnerability in the file DataSourceController.java in the component JDBC Connection Handler...

CVE-2024-55081

An XML External Entity XXE injection vulnerability in the component /datagrip/upload of Chat2DB v0.3.5 allows attackers to execute arbitrary code via supplying a crafted XML input...

CVE-2024-55081

An XML External Entity XXE injection vulnerability in the component /datagrip/upload of Chat2DB v0.3.5 allows attackers to execute arbitrary code via supplying a crafted XML input...

CVE-2024-55081

CVE-2024-55081 describes an XML External Entity (XXE) injection in the Chat2DB 0.3.5 component /datagrip/upload that can lead to arbitrary code execution when a crafted XML input is supplied. Affected software: Chat2DB v0.3.5; vulnerable part: /datagrip/upload; root cause: XXE vulnerability. Impa...

PT-2024-36471 · Chat2Db · Chat2Db

Name of the Vulnerable Software and Affected Versions: Chat2DB version 0.3.5 Description: A vulnerability in the /datagrip/upload component of Chat2DB allows attackers to execute arbitrary code via supplying a crafted XML input, exploiting an XML External Entity XXE injection flaw. Recommendation...

CVE-2024-55081

An XML External Entity XXE injection vulnerability in the component /datagrip/upload of Chat2DB v0.3.5 allows attackers to execute arbitrary code via supplying a crafted XML input...

CVE-2024-55081

An XML External Entity XXE injection vulnerability in the component /datagrip/upload of Chat2DB v0.3.5 allows attackers to execute arbitrary code via supplying a crafted XML input...

Chat2DB 安全漏洞

Chat2DB is an AI-driven SQL client open-sourced by CodePhiliaX. A security vulnerability exists in Chat2DB version v0.3.5, which stems from the presence of XML external entity injection in the component /datagrip/upload, allowing an attacker to execute arbitrary code by providing crafted XML inpu...