CNNVD-202508-2186 Information
CNNVD ID
CNNVD-202508-2186
Related CVE
- CNNVD Published: 2025-08-19
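Description (translated from Chinese)
CodePhiliaX Chat2DB is an AI-driven SQL client open-sourced by CodePhiliaX. CodePhiliaX Chat2DB 0.3.7 and earlier versions contain an injection vulnerability, which stems from a SQL injection vulnerability in the file DataSourceController.java of the JDBC Connection Handler component.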
Description (English)
CodePhiliaX Chat2DB is an open-source, AI-driven SQL client from CodePhiliaX. CodePhiliaX Chat2DB 0.3.7 and earlier versions have an injection vulnerability, which stems from a SQL injection flaw in the file DataSourceController.java.
Hazard Level
High
Vulnerability Type
Injection
Affected Vendor
CodePhiliaX
Published
2025-08-19
Last Modified
2026-02-24
References
https://vuldb.com/?id.320527
https://vuldb.com/?ctiid.320527
https://vuldb.com/?submit.628912
https://hip-motorcycle-97a.notion.site/Chat2DB-H2-JDBC-Connection-Remote-Code-Execution-2465f5e4caac80999d51dc98e8fc935f
https://access.redhat.com/security/cve/cve-2025-9148
https://nvd.nist.gov/vuln/detail/CVE-2025-9148