Security: dataease/SQLBot
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
-
Second-Order SQL Injection via Excel Datasource Leading to Remote Command ExecutionGHSA-vxwj-843f-9c9g published
Jun 9, 2026 by xuwei-fit2cloudHigh -
Authenticated SQL Injection in previewData Resulting in Arbitrary File ReadGHSA-vwjq-5h4h-x8g5 published
Jun 9, 2026 by xuwei-fit2cloudHigh -
Stored XSS via SVG UploadGHSA-v23m-5pvq-xcgx published
Jun 9, 2026 by xuwei-fit2cloudHigh -
Arbitrary File Write via parseExcel Leading to Code Execution Through Alembic Import ProcessingGHSA-wxv4-pw5w-wx79 published
Jun 9, 2026 by xuwei-fit2cloudHigh -
SQLBot Unauthorized Access VulnerabilityGHSA-pq2r-fj48-xfpp published
Apr 30, 2026 by xuwei-fit2cloudHigh -
Prompt Injection Vulnerability ReportGHSA-q2q6-gqqh-4xrx published
Apr 30, 2026 by xuwei-fit2cloudCritical -
RCE via SQL Injection in Excel Upload EndpointGHSA-7hww-8rj5-7rmm published
Mar 19, 2026 by xuwei-fit2cloudHigh -
SSRF to Arbitrary File Read (AFR) via Rogue MySQLGHSA-wqj3-xcxf-j9m9 published
Mar 19, 2026 by xuwei-fit2cloudHigh -
Remote Code Execution via Terminology Poisoning (RCE via Terminology Poisoning)GHSA-m7q7-vhw9-q7m3 published
Mar 19, 2026 by xuwei-fit2cloudHigh -
Privilege vulnerability exists in the API interfaceGHSA-h4xm-3q3p-5g6r published
Jan 20, 2026 by xuwei-fit2cloudHigh
Learn more about advisories related to dataease/SQLBot in the GitHub Advisory Database