15 matches found
CVE-2026-5848
A vulnerability was found in jeecgboot JimuReport up to 2.3.0. The affected element is the function DriverManager.getConnection of the file /drag/onlDragDataSource/testConnection of the component Data Source Handler. Performing a manipulation of the argument dbUrl results in code injection. The...
CVE-2026-5848 jeecgboot JimuReport Data Source testConnection DriverManager.getConnection code injection
A vulnerability was found in jeecgboot JimuReport up to 2.3.0. The affected element is the function DriverManager.getConnection of the file /drag/onlDragDataSource/testConnection of the component Data Source Handler. Performing a manipulation of the argument dbUrl results in code injection. The...
JimuReport 代码注入漏洞
JimuReport is a free reporting tool developed by JEECG in China. Versions of JimuReport 2.3.0 and earlier had a code injection vulnerability. This vulnerability stemmed from incorrect handling of the parameter dbUrl in the DriverManager.getConnection function within the Data Source Handler...
CVE-2023-5016
A vulnerability was found in spider-flow up to 0.5.0. It has been declared as critical. Affected by this vulnerability is the function DriverManager.getConnection of the file src/main/java/org/spiderflow/controller/DataSourceController.java of the component API. The manipulation leads to...
PT-2023-31485 · Unknown · Spider-Flow
Name of the Vulnerable Software and Affected Versions: spider-flow versions up to 0.5.0 Description: A critical issue has been found, affecting the function DriverManager.getConnection of the file src/main/java/org/spiderflow/controller/DataSourceController.java in the API component. This issue...
Ubuntu 16.04 ESM : unixODBC vulnerability (USN-6276-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6276-1 advisory. It was discovered that unixODBC incorrectly handled certain unicode to ansi copies. An attacker could possibly use this issue to cause a denial of service. Tenabl...
Exploit for Deserialization of Untrusted Data in Netapp Cloud_Backup
Description CVE-2020-36179: FasterXML jackson-databind 2.x be...
unixODBC Buffer Overflow Vulnerability
unixODBC is a set of open source ODBC subsystem and ODBC software development tools for Linux, Mac OS and UNIX platforms. A buffer overflow vulnerability exists in the 'unicodetoansicopy' function in the DriverManager/info.c file in unixODBC. An attacker can exploit this vulnerability to cause a...
CVE-2018-7409
In unixODBC before 2.3.5, there is a buffer overflow in the unicodetoansicopy function in DriverManager/info.c...
CVE-2018-7409
In unixODBC before 2.3.5, there is a buffer overflow in the unicodetoansicopy function in DriverManager/info.c...
Java Applet - Driver Manager Privileged 'toString()' Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' class Metasploit3 false def initialize inf...
Java Applet Driver Manager Privileged toString() Remote Code Execution
This Metasploit module abuses the java.sql.DriverManager class where the toString method is called over user supplied classes, from a doPrivileged block. The vulnerability affects Java version 7u17 and earlier. This exploit bypasses click-to-play on IE throw a specially crafted JNLP file. This...
Java Runtime Environment DriverManager doPrivileged block sandbox bypass
Added: 05/24/2013 CVE: CVE-2013-1488 BID: 58504 OSVDB: 91472 Background Oracle Java is a development platform for developing and deploying Java applications. It includes the Java Development Kit JDK and the Java Runtime Environment JRE. The JRE provides the minimum requirements for executing a Ja...
Java Runtime Environment DriverManager doPrivileged block sandbox bypass
Added: 05/24/2013 CVE: CVE-2013-1488 BID: 58504 OSVDB: 91472 Background Oracle Java is a development platform for developing and deploying Java applications. It includes the Java Development Kit JDK and the Java Runtime Environment JRE. The JRE provides the minimum requirements for executing a Ja...
(Pwn2Own) Oracle Java DriverManager Privilege Block Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of...