Tduckcloud Tduck-platform — known CVE vulnerabilities
Every CVE whose affected-product data names Tduckcloud Tduck-platform, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-51805 — CVSS 6.5 (medium): SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote attacker to obtain sensitive information via the getFormKey…
CVE-2025-0558 — CVSS 6.3 (medium): A vulnerability classified as critical was found in TDuckCloud tduck-platform up to 4.0. This vulnerability affects the function…
CVE-2025-7888 — CVSS 6.3 (medium): A vulnerability was found in TDuckCloud tduck-platform 5.1 and classified as critical. This issue affects the function UserFormDataMapper…
CVE-2025-8756 — CVSS 6.3 (medium): A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the…
CVE-2023-37733 — CVSS 6.1 (medium): An arbitrary file upload vulnerability in tduck-platform v4.0 allows attackers to execute arbitrary code via a crafted HTML file.