CVEs and Security Vulnerabilities CVEs and Security Vulnerabilities

Filtered by vendor Tduckcloud Subscriptions

Filtered by product Tduck-platform Subscriptions

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-51805	1 Tduckcloud	1 Tduck-platform	2024-11-21	6.5 Medium
SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote attacker to obtain sensitive information via the getFormKey parameter in the search function of FormDataMysqlService.java file.
CVE-2023-37733	1 Tduckcloud	1 Tduck-platform	2024-11-21	6.1 Medium
An arbitrary file upload vulnerability in tduck-platform v4.0 allows attackers to execute arbitrary code via a crafted HTML file.

Page 1 of 1.