CVE-2025-13268 | Dromara dataCompare up to 1.0.1 JDBC URL DbconfigServiceImpl.java DbConfig injection

A vulnerability was found in Dromara dataCompare up to 1.0.1 and classified as critical. The affected element is the function DbConfig of the file src/main/java/com/vince/xq/project/system/dbconfig/service/DbconfigServiceImpl.java of the component JDBC URL Handler. Executing manipulation can lead to injection.

This vulnerability is tracked as CVE-2025-13268. The attack can be launched remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More