CVE-2025-65792

DataGear v5.5.0 is vulnerable to Arbitrary File Deletion...

CVE-2023-1572

A vulnerability has been found in DataGear up to 1.11.1 and classified as problematic. This vulnerability affects unknown code of the component Plugin Handler. The manipulation leads to cross site scripting. It is possible to launch the attack on the local host. The exploit has been disclosed to...

PT-2024-15279 · Datagear · Datagear

Name of the Vulnerable Software and Affected Versions: DataGear versions up to 4.60 Description: A critical issue affects the unknown code of the file /dataSet/resolveSql, where the manipulation of the sql argument leads to sql injection. The attack can be initiated remotely. Upgrading to version...

DataGear 安全漏洞

DataGear is an open source, free data visualization and analysis platform from DataGear, Inc. A security vulnerability exists in DataGear version 5.0.0 and earlier versions, which originates in the function evaluationVariableExpression in the file ConversionSqlParamValueMapper.java that causes...

PT-2023-17089 · Datagear · Datagear

Name of the Vulnerable Software and Affected Versions: DataGear versions up to 1.11.1 Description: A vulnerability was found in the Graph Dataset Handler component, leading to cross-site scripting. The attack can be initiated remotely. The issue affects some unknown processing of this component...

PT-2023-17087 · Datagear · Datagear

Name of the Vulnerable Software and Affected Versions: DataGear versions up to 4.5.0 Description: A critical issue was found in DataGear, affecting an unknown part of the file /analysisProject/pagingQueryData. The manipulation of the queryOrder argument leads to sql injection. It is possible to...