Dataease · Dataease · CVE-2025-49002
**Name of the Vulnerable Software and Affected Versions**
DataEase versions prior to 2.10.10
**Description**
DataEase is an open source business intelligence and data visualization tool. A flaw in a previous patch allows it to be bypassed by changing letter case: the prohibited terms `INIT` and `RUNSCRIPT` are not matched regardless of case, potentially leading to remote code execution via SQL injection bypass.
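The case-handling flaw described above, shown as a weak check beside a case-folded one, plus the locale pitfall a naive fix can hit. This is an added example, not DataEase's code; the class and method names, the substring-matching approach and the `key=value` sample strings are assumptions for illustration.

```java
import java.util.List;
import java.util.Locale;

public class ProhibitedTermCheck {
    // The two prohibited terms named in the advisory.
    static final List<String> PROHIBITED = List.of("INIT", "RUNSCRIPT");

    // Weak form: exact-case substring match. Any other casing of a
    // prohibited term is not recognised.
    static boolean weakIsBlocked(String input) {
        return PROHIBITED.stream().anyMatch(input::contains);
    }

    // Naive fix: upper-case with a caller-supplied (e.g. default) locale.
    // With a Turkish locale, 'i' upper-cases to U+0130 (dotted capital I),
    // so "init" never becomes "INIT" and the check still misses it.
    static boolean localeIsBlocked(String input, Locale locale) {
        String folded = input.toUpperCase(locale);
        return PROHIBITED.stream().anyMatch(folded::contains);
    }

    // Hardened form: fold case with the locale-neutral Locale.ROOT.
    static boolean strictIsBlocked(String input) {
        return localeIsBlocked(input, Locale.ROOT);
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not taken from the advisory or the project.
        String[] samples = {
            "mode=readonly;INIT=placeholder",
            "mode=readonly;init=placeholder",
            "mode=readonly;RunScript=placeholder",
            "mode=readonly;timeout=30",
        };
        Locale turkish = Locale.forLanguageTag("tr");
        for (String s : samples) {
            System.out.printf("%-38s weak=%-5b tr=%-5b strict=%b%n",
                s, weakIsBlocked(s), localeIsBlocked(s, turkish), strictIsBlocked(s));
        }
    }
}
```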
**Recommendations**
Update to version 2.10.10.