datagear <=4.60 command executioninfo

Title	http://www.datagear.tech/ datagear <=4.60 command execution
Description	datagear exists a freemaker template injected in the /dataSet/resolveSql route rendering sql statement
Source	⚠️ https://github.com/nn0nkey/nn0nkey/blob/main/Datagear/freemaker.md
User	nn0nkey (UID 74287)
Submission	11/13/2024 01:38 AM (1 Year ago)
Moderation	11/21/2024 07:52 AM (8 days later)
Status	Accepted
VulDB entry	285658 [DataGear up to 4.60 /dataSet/resolveSql sql sql injection]
Points	14

Do you want to use VulDB in your project?

Use the official API to access entries easily!