3 matches found
CVE-2023-31847
In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side...
Code injection
In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side...
Server side request forgery (ssrf)
davinci 0.3.0-rc is vulnerable to Server-side request forgery SSRF...