16 matches found
CVE-2026-2692
A vulnerability was found in CoCoTeaNet CyreneAdmin up to 1.3.0. This affects an unknown part of the file /api/system/user/getAvatar of the component Image Handler. Performing a manipulation of the argument Avatar results in path traversal. The attack can be initiated remotely. The exploit has be...
CVE-2026-2693
A vulnerability was determined in CoCoTeaNet CyreneAdmin up to 1.3.0. This vulnerability affects unknown code of the file /api/system/dashboard/getCount of the component System Info Endpoint. Executing a manipulation can lead to improper authorization. The attack can be launched remotely. The...
CVE-2026-2692
A vulnerability was found in CoCoTeaNet CyreneAdmin up to 1.3.0. This affects an unknown part of the file /api/system/user/getAvatar of the component Image Handler. Performing a manipulation of the argument Avatar results in path traversal. The attack can be initiated remotely. The exploit has be...
CVE-2026-2693
A vulnerability was determined in CoCoTeaNet CyreneAdmin up to 1.3.0. This vulnerability affects unknown code of the file /api/system/dashboard/getCount of the component System Info Endpoint. Executing a manipulation can lead to improper authorization. The attack can be launched remotely. The...
CVE-2026-2693
A vulnerability was determined in CoCoTeaNet CyreneAdmin up to 1.3.0. This vulnerability affects unknown code of the file /api/system/dashboard/getCount of the component System Info Endpoint. Executing a manipulation can lead to improper authorization. The attack can be launched remotely. The...
CVE-2026-2692
A vulnerability was found in CoCoTeaNet CyreneAdmin up to 1.3.0. This affects an unknown part of the file /api/system/user/getAvatar of the component Image Handler. Performing a manipulation of the argument Avatar results in path traversal. The attack can be initiated remotely. The exploit has be...
CVE-2026-2693 CoCoTeaNet CyreneAdmin System Info Endpoint getCount improper authorization
A vulnerability was determined in CoCoTeaNet CyreneAdmin up to 1.3.0. This vulnerability affects unknown code of the file /api/system/dashboard/getCount of the component System Info Endpoint. Executing a manipulation can lead to improper authorization. The attack can be launched remotely. The...
CVE-2026-2693
CVE-2026-2693 affects CoCoTeaNet CyreneAdmin up to version 1.3.0. The vulnerability resides in the System Info Endpoint component, specifically /api/system/dashboard/getCount, where improper authorization can be exploited. The issue can be triggered remotely over the network, and public disclosur...
CVE-2026-2693 CoCoTeaNet CyreneAdmin System Info Endpoint getCount improper authorization
A vulnerability was determined in CoCoTeaNet CyreneAdmin up to 1.3.0. This vulnerability affects unknown code of the file /api/system/dashboard/getCount of the component System Info Endpoint. Executing a manipulation can lead to improper authorization. The attack can be launched remotely. The...
CVE-2026-2692 CoCoTeaNet CyreneAdmin Image getAvatar path traversal
A vulnerability was found in CoCoTeaNet CyreneAdmin up to 1.3.0. This affects an unknown part of the file /api/system/user/getAvatar of the component Image Handler. Performing a manipulation of the argument Avatar results in path traversal. The attack can be initiated remotely. The exploit has be...
CVE-2026-2692 CoCoTeaNet CyreneAdmin Image getAvatar path traversal
A vulnerability was found in CoCoTeaNet CyreneAdmin up to 1.3.0. This affects an unknown part of the file /api/system/user/getAvatar of the component Image Handler. Performing a manipulation of the argument Avatar results in path traversal. The attack can be initiated remotely. The exploit has be...
CVE-2026-2692
CVE-2026-2692 affects CoCoTeaNet CyreneAdmin up to version 1.3.0. The vulnerability resides in the Image Handler’s /api/system/user/getAvatar endpoint, where manipulation of the Avatar argument enables path traversal. Attack can be performed remotely, and an exploit has been published. CVSS metri...
CyreneAdmin 授权问题漏洞
CyreneAdmin is a backend management system developed by CoCoTea’s individual developers. Versions of CyreneAdmin prior to 1.3.0 had vulnerabilities related to authorization. These vulnerabilities stemmed from improper handling of unknown code in files/api/system/dashboard/getCount, which could le...
PT-2026-20571
Name of the Vulnerable Software and Affected Versions CoCoTeaNet CyreneAdmin versions up to 1.3.0 Description A path traversal issue exists in the Image Handler component of CoCoTeaNet CyreneAdmin. The issue is located in the /api/system/user/getAvatar file, where manipulation of the Avatar...
PT-2026-20572
Name of the Vulnerable Software and Affected Versions CoCoTeaNet CyreneAdmin versions up to 1.3.0 Description A flaw exists in CoCoTeaNet CyreneAdmin that could lead to improper authorization. This issue affects the System Info Endpoint, specifically within the file /api/system/dashboard/getCount...
CyreneAdmin 路径遍历漏洞
CyreneAdmin is a backend management system developed by CoCoTea’s individual developers. Versions of CyreneAdmin prior to 1.3.0 contained a path traversal vulnerability. This vulnerability stemmed from incorrect handling of the parameter “Avatar” in files/api/system/user/getAvatar, which could le...