Tduck-platform Security Vulnerabilities and Issues — Tduck-platform CVE List

Lucene search

TduckcloudTduck-platform

4 matches found

CVE•added 2023/07/19 7:15 p.m.•127 views

CVE-2023-37733

An arbitrary file upload vulnerability in tduck-platform v4.0 allows attackers to execute arbitrary code via a crafted HTML file.

6.1CVSS6.5AI score0.00093EPSS

CVE•added 2025/01/18 1:15 p.m.•35 views

CVE-2025-0558

A vulnerability classified as critical was found in TDuckCloud tduck-platform up to 4.0. This vulnerability affects the function QueryProThemeRequest of the file src/main/java/com/tduck/cloud/form/request/QueryProThemeRequest.java. The manipulation of the argument color leads to sql injection. The ...

6.5CVSS6.8AI score0.00035EPSS

CVE•added 2024/01/13 2:15 a.m.•28 views

CVE-2023-51805

SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote attacker to obtain sensitive information via the getFormKey parameter in the search function of FormDataMysqlService.java file.

8.1CVSS6.6AI score0.00105EPSS

CVE•added 2 days ago•4 views

CVE-2025-7888

A vulnerability was found in TDuckCloud tduck-platform 5.1 and classified as critical. This issue affects the function UserFormDataMapper of the file src/main/java/com/tduck/cloud/form/mapper/UserFormDataMapper.java. The manipulation of the argument formKey leads to sql injection. The attack may be...

6.5CVSS7.5AI score0.00026EPSS