Page 6 of 27 results (0.138 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin. Un problema en el componente /api/plugin/upload de Dataease v1.11.1, permite a atacantes ejecutar código arbitrario por medio de un plugin diseñado • https://github.com/dataease/dataease/issues/2431 •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

DataEase v1.11.1 was discovered to contain a arbitrary file write vulnerability via the parameter dataSourceId. Se descubrió que DataEase v1.11.1 contiene una vulnerabilidad de escritura arbitraria de archivos a través del parámetro dataSourceId • https://github.com/dataease/dataease/issues/2428 https://github.com/dataease/dataease/releases/tag/v1.11.2 • CWE-434: Unrestricted Upload of File with Dangerous Type •