| 제목 | CodePhiliaX Chat2DB Chat2DB <= 0.3.7 Unrestricted Upload |
|---|
| 설명 | Chat2DB contains a critical remote code execution vulnerability in the JDBC driver upload functionality. Authenticated users can upload arbitrary JAR files without validation, which are then dynamically loaded and instantiated by the server when establishing database connections, allowing execution of malicious code. |
|---|
| 원천 | ⚠️ https://fx4tqqfvdw4.feishu.cn/docx/PgtzdpfoWoTR0yxB7P6cujGanih?from=from_copylink |
|---|
| 사용자 | xcxr (UID 86629) |
|---|
| 제출 | 2026. 03. 09. AM 07:56 (2 개월 ago) |
|---|
| 모더레이션 | 2026. 03. 22. PM 01:02 (13 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 352432 [CodePhiliaX Chat2DB 까지 0.3.7 JDBC Driver Upload JdbcDriverController.java upload 권한 상승] |
|---|
| 포인트들 | 18 |
|---|