PT-2022-16935 · Databasir · Databasir
Luckyt0Mat0
·
Published
2022-04-20
·
Updated
2022-05-03
·
CVE-2022-24861
CVSS v3.1
9.9
Critical
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Databasir version 1.01
Description
Databasir is a team-oriented relational database model document management platform. It has a remote code execution issue due to the lack of validation of JDBC drivers prior to use, which may be provided by system users. This can lead to code execution by any basic user with system access.
Recommendations
For Databasir version 1.01, users are advised to upgrade as there are no known workarounds to this issue.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Databasir