Submit #775596: CodePhiliaX Chat2DB Chat2DB <= 0.3.7 Unrestricted Uploadinfo

TitleCodePhiliaX Chat2DB Chat2DB <= 0.3.7 Unrestricted Upload
DescriptionChat2DB contains a critical remote code execution vulnerability in the JDBC driver upload functionality. Authenticated users can upload arbitrary JAR files without validation, which are then dynamically loaded and instantiated by the server when establishing database connections, allowing execution of malicious code.
Source⚠️ https://fx4tqqfvdw4.feishu.cn/docx/PgtzdpfoWoTR0yxB7P6cujGanih?from=from_copylink
User
 xcxr (UID 86629)
Submission03/09/2026 07:56 (4 months ago)
Moderation03/22/2026 13:02 (13 days later)
StatusAccepted
VulDB entry352432 [CodePhiliaX Chat2DB up to 0.3.7 JDBC Driver Upload JdbcDriverController.java upload unrestricted upload]
Points18

Do you need the next level of professionalism?

Upgrade your account now!