CVE-2025-15175

A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doAppList/appCommandAnalysis of the file src/main/java/com/sohu/cache/web/controller/AppController.java. Performing manipulation results in cross site scripting. It is possible to initiate the...

CVE-2025-15175

A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doAppList/appCommandAnalysis of the file src/main/java/com/sohu/cache/web/controller/AppController.java. Performing manipulation results in cross site scripting. It is possible to initiate the...

CVE-2025-15175

CVE-2025-15175 affects SohuTV CacheCloud up to 3.2.0. The vulnerability lies in the doAppList/appCommandAnalysis function in AppController.java, where input manipulation can trigger cross-site scripting. Exploitation can be performed remotely, and the exploit is publicly available. Affected versi...

CVE-2025-15175 SohuTV CacheCloud AppController.java appCommandAnalysis cross site scripting

A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doAppList/appCommandAnalysis of the file src/main/java/com/sohu/cache/web/controller/AppController.java. Performing manipulation results in cross site scripting. It is possible to initiate the...

CVE-2025-15175 SohuTV CacheCloud AppController.java appCommandAnalysis cross site scripting

A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doAppList/appCommandAnalysis of the file src/main/java/com/sohu/cache/web/controller/AppController.java. Performing manipulation results in cross site scripting. It is possible to initiate the...

PT-2025-53698

Name of the Vulnerable Software and Affected Versions SohuTV CacheCloud versions prior to 3.2.1 Description A cross site scripting issue exists in SohuTV CacheCloud. The doAppList/appCommandAnalysis function within the AppController.java file is affected by this issue. Manipulation of input can...

CacheCloud 代码注入漏洞

CacheCloud is a Redis cloud management platform open-sourced by SohuTV. A code injection vulnerability exists in CacheCloud 3.2.0 and earlier versions, which stems from the incorrect operation of function doAppList/appCommandAnalysis in file...

CVE-2024-1259 Juanpao JPShop API AppController.php unrestricted upload

A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/controllers/admin/app/AppController.php of the component API. The manipulation of the argument apppicurl leads to unrestricted upload. The...

SQL Injection Vulnerability in zhicms appcontroller.php Page

ZhiCms is an enterprise building system based on PHP and mysql technology. A SQL injection vulnerability exists in the zhicms appcontroller.php page. The lack of filtering of the 'Guo' parameter allows an attacker to exploit the vulnerability to obtain sensitive information about the database...