3 matches found
CVE-2022-24862
Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Server-Side Request Forgery vulnerability. During the download verification process of a JDBC driver the corresponding JDBC driver download address will be downloaded first, but this address wi...
CVE-2022-24862
Databasir 1.01 contains a Server-Side Request Forgery (SSRF) flaw in the JDBC driver download verification process: the download URL is fetched, but accessing a non-existent URL returns a full error page. This behavior can be exploited for SSRF. Exploitation details, impact scope, and fixes are n...
CVE-2022-24862 Server-Side Request Forgery in Databasir
Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Server-Side Request Forgery vulnerability. During the download verification process of a JDBC driver the corresponding JDBC driver download address will be downloaded first, but this address wi...