Vulnerabilities > Davinci Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-17	CVE-2023-31847	Unspecified vulnerability in Davinci Project Davinci 0.3.0 In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side. network low complexity davinci-project	6.5
2023-05-17	CVE-2023-31848	Server-Side Request Forgery (SSRF) vulnerability in Davinci Project Davinci 0.3.0 davinci 0.3.0-rc is vulnerable to Server-side request forgery (SSRF). network low complexity davinci-project CWE-918	8.8
2023-02-27	CVE-2023-24206	SQL Injection vulnerability in Davinci Project Davinci 0.3.0 Davinci v0.3.0-rc was discovered to contain a SQL injection vulnerability via the copyDisplay function. network low complexity davinci-project CWE-89 critical	9.8

Vulnerabilities > Davinci Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Davinci Project"}]}