11 matches found
CVE-2024-52302
common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically. There is a critical security vulnerability in the application endpoint /api/v1/customer/profile-picture. This endpoint allows file uploads without proper...
Spring Boot common-user-management 0.1 - Remote Code Execution (RCE)
Exploit Title: Unrestricted File Upload
Google Dork:
Date: 14/Nov/2024
Exploit Author: d3sca
Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase
Software Link: https://github.com/OsamaTaher/Java-springboot-codebase
Version: app version 0.1
Tested on: Debian Linux
CVE :...
Exploit for CVE-2024-52302
CVE-2024-52302: Unrestricted File Upload Vulnerability in Comm...
CVE-2024-52302
CVE-2024-52302 affects the Spring Boot app common-user-management, specifically the /api/v1/customer/profile-picture endpoint. The vulnerability arises from unrestricted file uploads without proper validation or restrictions, allowing attackers to upload arbitrary files that can lead to Remote Co...
CVE-2024-52302 common-user-management Unrestricted File Upload Leading to Remote Code Execution (RCE)
common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically. There is a critical security vulnerability in the application endpoint /api/v1/customer/profile-picture. This endpoint allows file uploads without proper...
CVE-2023-52302
creationtimestamp | type | source
---|---|---
2024-01-03 10:26:51+00:00 | seen | https://t.me/ctinow/162283
2024-01-04 01:33:54+00:00 | seen | https://t.me/cibsecurity/74296
2024-01-05 20:04:02+00:00 | seen | https://t.me/arpsyndicate/2517
2024-01-23 13:56:16+00:00 | seen | https://t.me/ctinow/171970

...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-52302 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted:
- paddle-ner =0.1.0
- paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1
- paddle-tokenizer =0.1.0
- pyunit-ner =2021.8.2

Source cves:...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-52302 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted:
- paddle-ner =0.1.0
- paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1
- paddle-tokenizer =0.1.0
- pyunit-ner =2021.8.2

Source cves:...
CVE-2023-52302 Segfault in paddle.nextafter
Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service...
CVE-2023-52302
CVE-2023-52302 concerns a NULL pointer dereference in the paddle.nextafter implementation inside PaddlePaddle. Multiple connected sources describe that this flaw can cause a runtime crash, leading to a Denial of Service. The affected component is PaddlePaddle’s paddle.nextafter function; the impa...
CVE-2023-52302 Segfault in paddle.nextafter
Nullptr in paddle.nextafter in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service...