Vulnerabilities > Tduckcloud

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-13	CVE-2023-51805	SQL Injection vulnerability in Tduckcloud Tduck-Platform 4.0 SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote attacker to obtain sensitive information via the getFormKey parameter in the search function of FormDataMysqlService.java file. network low complexity tduckcloud CWE-89	6.5
2023-07-19	CVE-2023-37733	Cross-site Scripting vulnerability in Tduckcloud Tduck-Platform 4.0 An arbitrary file upload vulnerability in tduck-platform v4.0 allows attackers to execute arbitrary code via a crafted HTML file. network low complexity tduckcloud CWE-79	6.1

Vulnerabilities > Tduckcloud {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Tduckcloud"}]}