18 matches found
CVE-2026-3788
A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of th...
EUVD-2026-10279
A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/gitee/SpringAIGiteeRestService.java of the component SpringAIGiteeRestController. Performing a manipulation of the argument apiUrl...
EUVD-2026-10278
A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of th...
CVE-2026-3788
A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of th...
CVE-2026-3789
A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/gitee/SpringAIGiteeRestService.java of the component SpringAIGiteeRestController. Performing a manipulation of the argument apiUrl...
CVE-2026-3789
A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/gitee/SpringAIGiteeRestService.java of the component SpringAIGiteeRestController. Performing a manipulation of the argument apiUrl...
CVE-2026-3789 Bytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request forgery
A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/gitee/SpringAIGiteeRestService.java of the component SpringAIGiteeRestController. Performing a manipulation of the argument apiUrl...
CVE-2026-3789 Bytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request forgery
A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/gitee/SpringAIGiteeRestService.java of the component SpringAIGiteeRestController. Performing a manipulation of the argument apiUrl...
CVE-2026-3789
A vulnerability was detected in Bytedesk up to 1.3.9. Affected is the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/gitee/SpringAIGiteeRestService.java of the component SpringAIGiteeRestController. Performing a manipulation of the argument apiUrl...
CVE-2026-3789
CVE-2026-3789 affects Bytedesk up to version 1.3.9, specifically the getModels function in SpringAIGiteeRestService.java within SpringAIGiteeRestController. The vulnerability arises from manipulating the apiUrl argument, leading to server-side request forgery and remote exploitation. An exploit i...
CVE-2026-3788
A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of th...
CVE-2026-3788 Bytedesk SpringAIOpenrouterRestController SpringAIOpenrouterRestService.java getModels server-side request forgery
A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of th...
CVE-2026-3788
CVE-2026-3788 affects Bytedesk up to version 1.3.9, specifically the SpringAIOpenrouterRestController/SpringAIOpenrouterRestService.getModels path. The root cause is manipulation of the apiUrl parameter in getModels inside source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/Sp...
PT-2026-23988
Name of the Vulnerable Software and Affected Versions Bytedesk versions up to 1.3.9 Description A server-side request forgery condition exists in Bytedesk. The issue is located in the getModels function within the SpringAIOpenrouterRestController component, specifically in the file...
PT-2026-23989
Name of the Vulnerable Software and Affected Versions Bytedesk versions up to 1.3.9 Description A server-side request forgery condition exists in the getModels function within the SpringAIGiteeRestController component of Bytedesk. Manipulation of the apiUrl argument can lead to server-side reques...
Zenphoto SQL注入漏洞
CVE ID:CVE-2013-7242 Zenphoto是Zenphoto团队开发的一套免费的图片库内容管理系统。该系统可管理图片,且支持音频、视频等多媒体。 Zenphoto zp-core/zp-extensions/wordpressimport.php脚本中存在SQL注入漏洞。远程攻击者可借助特制的‘tableprefix’参数利用该漏洞执行任意SQL命令。 0 Zenphoto = 1.4.5.3 厂商补丁: Zenphoto ----- 厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:...
PT-2013-6301 · Zenphoto · Zenphoto
Name of the Vulnerable Software and Affected Versions: Zenphoto versions prior to 1.4.5.4 Description: The issue is related to a cross-site scripting XSS vulnerability in the export function. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the URI...
PT-2013-6302 · Zenphoto · Zenphoto
Name of the Vulnerable Software and Affected Versions: Zenphoto versions prior to 1.4.5.4 Description: The issue allows remote authenticated administrators to execute arbitrary SQL commands. This is achieved via the tableprefix parameter in the wordpress import.php file within the...