Submit #775596: CodePhiliaX Chat2DB Chat2DB <= 0.3.7 Unrestricted Upload

Title: CodePhiliaX Chat2DB Chat2DB <= 0.3.7 Unrestricted Upload
Description: Chat2DB contains a critical remote code execution vulnerability in the JDBC driver upload functionality. Authenticated users can upload arbitrary JAR files without validation, which are then dynamically loaded and instantiated by the server when establishing database connections, allowing execution of malicious code.
Source: https://fx4tqqfvdw4.feishu.cn/docx/PgtzdpfoWoTR0yxB7P6cujGanih?from=from_copylink
User: xcxr (UID 86629)
Submission: 09/03/2026 07:56 (2 months ago)
Moderation: 22/03/2026 13:02 (13 days later)
Status: Accepted
VulDB entry: 352432 [CodePhiliaX Chat2DB up to 0.3.7 JDBC Driver Upload JdbcDriverController.java upload privilege escalation]
Points: 18
