48 matches found
EUVD-2025-22009
Malicious code in bioql PyPI...
EUVD-2023-56489
Malicious code in bioql PyPI...
EUVD-2025-1755
Malicious code in bioql PyPI...
EUVD-2025-24054
Malicious code in bioql PyPI...
EUVD-2024-49351
Malicious code in bioql PyPI...
EUVD-2025-29650
Malicious code in bioql PyPI...
CVE-2025-57631
SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module...
CVE-2025-57631
SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module...
CVE-2025-57631
SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module...
TDuckCloud tduck-platform 安全漏洞
TDuckCloud tduck-platform is an open source form survey system from China's Zongda Numerical Wei TDuckCloud company. A security vulnerability exists in TDuckCloud tduck-platform version 5.1, which stems from a SQL injection vulnerability in the file upload module that could lead to the execution ...
CVE-2025-57631
SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module...
PT-2025-38072
Name of the Vulnerable Software and Affected Versions: TDuckCloud version 5.1 Description: A SQL Injection issue exists in TDuckCloud version 5.1, allowing a remote attacker to execute arbitrary code through the Add a file upload module. Recommendations: At the moment, there is no information abo...
CVE-2025-57631
TDuckCloud CVE-2025-57631 is a SQL injection affecting TDuckCloud v5.1 through the file-upload module, enabling a remote attacker to execute arbitrary code. The CVE’s metrics show a high-severity, network-exploitable impact with no user interaction required. The available connected documents conf...
CVE-2025-57631
SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module...
CVE-2025-8756
A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper...
CVE-2025-8756
A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper...
CVE-2025-8756 TDuckCloud tduck-platform manage preHandle improper authorization
A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper...
CVE-2025-8756 TDuckCloud tduck-platform manage preHandle improper authorization
A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper...
PT-2025-32443 · Tduckcloud · Tduck-Platform
Name of the Vulnerable Software and Affected Versions: TDuckCloud tduck-platform versions prior to 5.2 Description: A critical issue exists in TDuckCloud tduck-platform prior to version 5.2 related to improper authorization. The vulnerability is located in the preHandle function of the /manage/...
CVE-2025-7888
A vulnerability was found in TDuckCloud tduck-platform 5.1 and classified as critical. This issue affects the function UserFormDataMapper of the file src/main/java/com/tduck/cloud/form/mapper/UserFormDataMapper.java. The manipulation of the argument formKey leads to sql injection. The attack may ...