EUVD-2024-51980

Malicious code in bioql PyPI...

EUVD-2023-12365

Malicious code in bioql PyPI...

CVE-2025-8529

A vulnerability classified as critical was found in cloudfavorites favorites-web up to 1.3.0. Affected by this vulnerability is the function getCollectLogoUrl of the file app/src/main/java/com/favorites/web/CollectController.java. The manipulation of the argument url leads to server-side request...

CVE-2025-8529 cloudfavorites favorites-web CollectController.java getCollectLogoUrl server-side request forgery

A vulnerability classified as critical was found in cloudfavorites favorites-web up to 1.3.0. Affected by this vulnerability is the function getCollectLogoUrl of the file app/src/main/java/com/favorites/web/CollectController.java. The manipulation of the argument url leads to server-side request...

CVE-2025-8529

CVE-2025-8529 affects cloudfavorites favorites-web up to version 1.3.0. The vulnerability concerns the getCollectLogoUrl function in app/src/main/java/com/favorites/web/CollectController.java, where improper handling of the url parameter enables server-side request forgery (SSRF). The issue can b...

favorites-web 代码问题漏洞

favorites-web cloudfavorites is a cloudfavorites open source website built with Spring Boot. A code issue vulnerability exists in favorites-web version 1.3.0 and earlier, which stems from an incorrect manipulation of the parameter url resulting in a server-side request forgery...

PT-2025-31876 · Unknown · Cloudfavorites Favorites-Web

Name of the Vulnerable Software and Affected Versions: cloudfavorites favorites-web versions up to 1.3.0 Description: A critical vulnerability exists in cloudfavorites favorites-web. The getCollectLogoUrl function within the app/src/main/java/com/favorites/web/CollectController.java file is...

CVE-2024-53490

Favorites-web 1.3.0 favorites-web has a directory traversal vulnerability in SecurityFilter.java...

CVE-2023-0287

A vulnerability was found in ityouknow favorites-web. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the...

CVE-2022-4960

A vulnerability, which was classified as problematic, has been found in cloudfavorites favorites-web 1.3.0. Affected by this issue is some unknown functionality of the component Nickname Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2024-53490

Favorites-web 1.3.0 favorites-web has a directory traversal vulnerability in SecurityFilter.java...

CVE-2024-53490

Favorites-web 1.3.0 is affected by a directory traversal vulnerability in SecurityFilter.java. The CVE-2024-53490 entry lists a network-accessible issue with a CVSS v3.1 base score of 7.5 (High) and confidentiality impact of High, no integrity/availability impact. Connected sources consistently d...

CVE-2024-53490

Favorites-web 1.3.0 favorites-web has a directory traversal vulnerability in SecurityFilter.java...

CVE-2024-53490

Favorites-web 1.3.0 favorites-web has a directory traversal vulnerability in SecurityFilter.java...

PT-2024-35761 · Unknown · Favorites-Web

Name of the Vulnerable Software and Affected Versions: Favorites-web version 1.3.0 Description: The issue is related to a directory traversal vulnerability in the SecurityFilter.java file. This vulnerability could potentially allow unauthorized access. Recommendations: For Favorites-web version...

favorites-web 安全漏洞

favorites-web Cloud Favorites is an open source website built with Spring Boot by cloudfavorites open source. A security vulnerability exists in Favorites-web version 1.3.0, which stems from a directory traversal in securityFilter.java...

CVE-2022-4960

A vulnerability, which was classified as problematic, has been found in cloudfavorites favorites-web 1.3.0. Affected by this issue is some unknown functionality of the component Nickname Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2022-4960

A vulnerability, which was classified as problematic, has been found in cloudfavorites favorites-web 1.3.0. Affected by this issue is some unknown functionality of the component Nickname Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in cloudfavorites favorites-web 1.3.0. Affected by this issue is some unknown functionality of the component Nickname Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2022-4960

In cloudfavorites Favorites-Web 1.3.0, the Nickname Handler component is reported to be vulnerable to cross-site scripting. The issue is described as a remote, potentially exploitable vulnerability affecting unknown functionality of Nickname Handler, with public disclosure of the exploit. Multipl...