Skip to main content

Tduck Platform

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-7888 LOW POC Monitor

SQL injection in TDuckCloud tduck-platform 5.1 allows authenticated remote attackers to manipulate the formKey parameter in the UserFormDataMapper function, enabling unauthorized database queries with limited confidentiality and integrity impact. Publicly available exploit code exists, and the vendor has not responded to early disclosure notification.

SQLi Java Tduck Platform
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-0558 MEDIUM This Month

A vulnerability classified as critical was found in TDuckCloud tduck-platform up to 4.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java SQLi Tduck Platform
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-7888
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in TDuckCloud tduck-platform 5.1 allows authenticated remote attackers to manipulate the formKey parameter in the UserFormDataMapper function, enabling unauthorized database queries with limited confidentiality and integrity impact. Publicly available exploit code exists, and the vendor has not responded to early disclosure notification.

SQLi Java Tduck Platform
NVD GitHub VulDB
CVE-2025-0558
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability classified as critical was found in TDuckCloud tduck-platform up to 4.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java SQLi Tduck Platform
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy