CodePhiliaX Chat2DB JDBC Connection SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in CodePhiliaX Chat2DB versions through 0.3.7. The issue resides in the JDBC Connection Handler, specifically within the DataSourceController.java file. This vulnerability allows remote attackers to manipulate SQL queries by exploiting an unchecked input in the /datasource/pre_connect interface, potentially leading to arbitrary code execution.

Impact

Exploitation of this vulnerability allows for SQL injection, with the potential for arbitrary code execution, according to the advisory.

Added: Aug 19, 2025, 5:17 PM

Updated: Aug 19, 2025, 5:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

6.6

remediation

0.0

relevance

0.4

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

6.6

remediation

0.0

relevance

0.4

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

CodePhiliaX Chat2DB JDBC Connection SQL Injection Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating