Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has remote code execution vulnerability. JDBC drivers are not validated prior to use and may be provided by users of the system. This can lead to code execution by any basic user who has access to the system. Users are advised to upgrade. There are no known workarounds to this issue.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HDatabasir
APPDatabasir1.0.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
Referencje
Powiązane podatności
CVE-2025-66944CRITICAL9.8PL ✓ten sam produkt
SQL Injection umożliwiający RCE w Databasir v1.0.7 i wcześniejszych
CVE-2023-27821CRITICAL9.8ten sam produkt
Databasir v1.0.7 was discovered to contain a remote code execution (RCE) vulnerability via the mockDataScript ...
CVE-2022-31196HIGH7.6ten sam produkt
Databasir is a database metadata management platform. Databasir <= 1.06 has Server-Side Request Forgery (SSRF)...