Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown
CVE-2022-34114
Disclosure Date: July 22, 2022 (last updated February 24, 2025)
Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId.
0
Attacker Value
Unknown
CVE-2022-34113
Disclosure Date: July 22, 2022 (last updated October 07, 2023)
An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin.
0
Attacker Value
Unknown
CVE-2022-34112
Disclosure Date: July 22, 2022 (last updated February 24, 2025)
An access control issue in the component /api/plugin/uninstall Dataease v1.11.1 allows attackers to arbitrarily uninstall the plugin, a right normally reserved for the administrator.
0
Attacker Value
Unknown
CVE-2022-34115
Disclosure Date: July 22, 2022 (last updated February 24, 2025)
DataEase v1.11.1 was discovered to contain a arbitrary file write vulnerability via the parameter dataSourceId.
0
