Unrated severityNVD Advisory· Published Apr 20, 2022· Updated Apr 22, 2025

Remote Code Execution in Databasir

CVE-2022-24861

Description

Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has remote code execution vulnerability. JDBC drivers are not validated prior to use and may be provided by users of the system. This can lead to code execution by any basic user who has access to the system. Users are advised to upgrade. There are no known workarounds to this issue.

Affected products

Vran Dev/Databasirv5
Range: < 1.0.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/vran-dev/databasir/commit/ca22a8fef7a31c0235b0b2951260a7819b89993bmitrex_refsource_MISC
github.com/vran-dev/databasir/pull/103mitrex_refsource_MISC
github.com/vran-dev/databasir/security/advisories/GHSA-5r2v-wcwh-7xmpmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000