| Title | CodePhiliaX Chat2DB Chat2DB <= 0.3.7 Unrestricted Upload |
|---|---|
| Description | Chat2DB contains a critical remote code execution vulnerability in the JDBC driver upload functionality. Authenticated users can upload arbitrary JAR files without validation, which are then dynamically loaded and instantiated by the server when establishing database connections, allowing execution of malicious code. |
| Source | ⚠️ https://fx4tqqfvdw4.feishu.cn/docx/PgtzdpfoWoTR0yxB7P6cujGanih?from=from_copylink |
| User | xcxr (UID 86629) |
| Submission | 09.03.2026 07:56 (1 month ago) |
| Moderation | 22.03.2026 13:02 (13 days later) |
| Status | Accepted |
| VulDB entry | 352432 [CodePhiliaX Chat2DB up to 0.3.7 JDBC Driver Upload JdbcDriverController.java upload privilege escalation] |
| Points | 18 |