5 matches found
PT-2023-23487 · Oracle · Mysql Server
Name of the Vulnerable Software and Affected Versions: davinci version 0.3.0-rc Description: The issue allows a user to connect to a malicious MySQL server after logging in, by controlling the data source. This can lead to reading arbitrary files on the client side. Recommendations: For davinci...
Davinci Security Vulnerability
Davinci is an edp open source DVsaaS data visualization service platform. A security vulnerability exists in Davinci version 0.3.0-rc, which originates from the fact that a user can connect to a malicious MySQL server via a controlled data source and read arbitrary files on the client side...
Davinci Code Issue Vulnerability
Davinci is an edp open source DVsaaS data visualization service platform. A security vulnerability exists in Davinci version 0.3.0-rc, which stems from vulnerability to server-side request forgery (SSRF) attacks...
PT-2023-23488 · Davinci · Davinci
Name of the Vulnerable Software and Affected Versions: davinci version 0.3.0-rc Description: The issue is related to server-side request forgery (SSRF). No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was...
PT-2023-19479 · Davinci · Davinci
Name of the Vulnerable Software and Affected Versions: Davinci version 0.3.0-rc Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the copyDisplay function. Recommendations: For Davinci version 0.3.0-rc, consider disabling the copyDisplay...