Home

Description

SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module

PUBLISHED Reserved 2025-08-17 | Published 2025-09-16 | Updated 2025-09-17 | Assigner mitre

References

github.com/TDuckCloud/tduck-platform

tduck-platform.com

github.com/TDuckCloud/tduck-platform/issues/31

gist.github.com/Theresasu1/b1b57b3763a286d9491541180c99368b

cve.org (CVE-2025-57631)

nvd.nist.gov (CVE-2025-57631)

Download JSON