CNNVD-202509-2308 Information

CNNVD ID

CNNVD-202509-2308

Related CVE

CVE-2025-57631

• CNNVD Published: 2025-09-16

Description (Chinese)

TDuckCloud tduck-platform是中国众达数蔚（TDuckCloud）公司的一个开源表单调查系统。 TDuckCloud tduck-platform 5.1版本存在安全漏洞，该漏洞源于文件上传模块存在SQL注入漏洞，可能导致执行任意代码。

Description (English)

TDuckCloud tduck-platform is an open-source form survey system for the Chinese company TDuckCloud. There is a security loophole in version 5.1 of TDuckCloud tduck-platform, which stems from the SQL injection gap in the document upload module, which may lead to the implementation of any code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

众达数蔚

Published

2025-09-16

Last Modified

2026-02-24

References

https://gist.github.com/Theresasu1/b1b57b3763a286d9491541180c99368b https://github.com/TDuckCloud/tduck-platform http://tduck-platform.com https://github.com/TDuckCloud/tduck-platform/issues/31 https://access.redhat.com/security/cve/cve-2025-57631