Enviar #628912: CodePhiliaX Chat2DB 0.3.7 JDBC Connection Remote Code Executioninformación

TítuloCodePhiliaX Chat2DB 0.3.7 JDBC Connection Remote Code Execution
DescripciónChat2DB is an intelligent, universal SQL client and data reporting tool that integrates AI capabilities. Chat2DB versions ≤ v0.3.5 have a security vulnerability. The vulnerability stems from the component /datasource/pre_connect interface not checking and restricting the URL entered by the user, allowing attackers to execute arbitrary code by providing a carefully crafted URL.
Fuente⚠️ https://hip-motorcycle-97a.notion.site/Chat2DB-H2-JDBC-Connection-Remote-Code-Execution-2465f5e4caac80999d51dc98e8fc935f
Usuario
 jmx0hxq (UID 63891)
Sumisión2025-08-05 15:41 (hace 9 meses)
Moderación2025-08-19 09:42 (14 days later)
EstadoAceptado
Entrada de VulDB320527 [CodePhiliaX Chat2DB hasta 0.3.7 JDBC Connection DataSourceController.java inyección SQL]
Puntos17

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!