VYPR

Tduck Platform

by Tduckcloud

Source repositories

CVEs (5)

  • CVE-2025-8756MedAug 9, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads…

  • CVE-2025-7888MedJul 20, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in TDuckCloud tduck-platform 5.1 and classified as critical. This issue affects the function UserFormDataMapper of the file src/main/java/com/tduck/cloud/form/mapper/UserFormDataMapper.java. The manipulation of the argument formKey leads to sql…

  • CVE-2025-0558Jan 18, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in TDuckCloud tduck-platform up to 4.0. This vulnerability affects the function QueryProThemeRequest of the file src/main/java/com/tduck/cloud/form/request/QueryProThemeRequest.java. The manipulation of the argument color leads to…

  • CVE-2023-51805Jan 13, 2024
    risk 0.00cvss epss 0.01

    SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote attacker to obtain sensitive information via the getFormKey parameter in the search function of FormDataMysqlService.java file.

  • CVE-2023-37733Jul 19, 2023
    risk 0.00cvss epss 0.01

    An arbitrary file upload vulnerability in tduck-platform v4.0 allows attackers to execute arbitrary code via a crafted HTML file.