CVE-2025-8756
- EPSS 0.05%
- Veröffentlicht 09.08.2025 14:32:05
- Zuletzt bearbeitet 11.09.2025 17:10:09
A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationIntercep...
CVE-2025-7888
- EPSS 0.03%
- Veröffentlicht 20.07.2025 12:02:05
- Zuletzt bearbeitet 11.09.2025 19:28:25
A vulnerability was found in TDuckCloud tduck-platform 5.1 and classified as critical. This issue affects the function UserFormDataMapper of the file src/main/java/com/tduck/cloud/form/mapper/UserFormDataMapper.java. The manipulation of the argument ...
CVE-2025-0558
- EPSS 0.06%
- Veröffentlicht 18.01.2025 13:15:20
- Zuletzt bearbeitet 19.09.2025 18:40:22
A vulnerability classified as critical was found in TDuckCloud tduck-platform up to 4.0. This vulnerability affects the function QueryProThemeRequest of the file src/main/java/com/tduck/cloud/form/request/QueryProThemeRequest.java. The manipulation o...
CVE-2023-51805
- EPSS 0.11%
- Veröffentlicht 13.01.2024 02:15:07
- Zuletzt bearbeitet 21.11.2024 08:38:51
SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote attacker to obtain sensitive information via the getFormKey parameter in the search function of FormDataMysqlService.java file.
CVE-2023-37733
- EPSS 0.09%
- Veröffentlicht 19.07.2023 19:15:11
- Zuletzt bearbeitet 21.11.2024 08:12:11
An arbitrary file upload vulnerability in tduck-platform v4.0 allows attackers to execute arbitrary code via a crafted HTML file.