CRITICAL🇬🇧 English

CVE-2022-24861

CVSS 9.9v3.1pub. 2022-04-20upd. 2024-11-21

Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has remote code execution vulnerability. JDBC drivers are not validated prior to use and may be provided by users of the system. This can lead to code execution by any basic user who has access to the system. Users are advised to upgrade. There are no known workarounds to this issue.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Databasir

    APP
    Databasir
    1.0.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2025-66944CRITICAL9.8PL ✓ten sam produkt

SQL Injection umożliwiający RCE w Databasir v1.0.7 i wcześniejszych

CVE-2023-27821CRITICAL9.8ten sam produkt

Databasir v1.0.7 was discovered to contain a remote code execution (RCE) vulnerability via the mockDataScript ...

CVE-2022-31196HIGH7.6ten sam produkt

Databasir is a database metadata management platform. Databasir <= 1.06 has Server-Side Request Forgery (SSRF)...

CVE-2022-24861 — CRITICAL 9.9 | CVEbaza.pl