Filtered by vendor Dataease Project
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-34115 | 1 Dataease Project | 1 Dataease | 2024-11-21 | N/A | 9.8 CRITICAL |
DataEase v1.11.1 was discovered to contain a arbitrary file write vulnerability via the parameter dataSourceId. | |||||
CVE-2022-34114 | 1 Dataease Project | 1 Dataease | 2024-11-21 | N/A | 8.8 HIGH |
Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId. | |||||
CVE-2022-34112 | 1 Dataease Project | 1 Dataease | 2024-11-21 | N/A | 6.5 MEDIUM |
An access control issue in the component /api/plugin/uninstall Dataease v1.11.1 allows attackers to arbitrarily uninstall the plugin, a right normally reserved for the administrator. |