18 matches found
CVE-2026-5253
A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by this vulnerability is an unknown functionality of the file /web/src/layout/components/Header/MessageList.vue of the component editNotice Endpoint. Executing a manipulation can lead to cross site scripting. The attack can be...
EUVD-2026-17775
A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by this vulnerability is an unknown functionality of the file /web/src/layout/components/Header/MessageList.vue of the component editNotice Endpoint. Executing a manipulation can lead to cross site scripting. The attack can be...
CVE-2026-5253
A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by this vulnerability is an unknown functionality of the file /web/src/layout/components/Header/MessageList.vue of the component editNotice Endpoint. Executing a manipulation can lead to cross site scripting. The attack can be...
CVE-2026-5253
A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by this vulnerability is an unknown functionality of the file /web/src/layout/components/Header/MessageList.vue of the component editNotice Endpoint. Executing a manipulation can lead to cross site scripting. The attack can be...
CVE-2026-5253 bufanyun HotGo editNotice Endpoint MessageList.vue cross site scripting
A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by this vulnerability is an unknown functionality of the file /web/src/layout/components/Header/MessageList.vue of the component editNotice Endpoint. Executing a manipulation can lead to cross site scripting. The attack can be...
CVE-2026-5253
CVE-2026-5253 affects bufanyun HotGo 1.0/2.0. Affected is an unknown functionality in /web/src/layout/components/Header/MessageList.vue of the editNotice endpoint. The issue allows remote cross-site scripting via a manipulation of that component; the exploit is publicly available. Attack requires...
CVE-2026-5253 bufanyun HotGo editNotice Endpoint MessageList.vue cross site scripting
A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by this vulnerability is an unknown functionality of the file /web/src/layout/components/Header/MessageList.vue of the component editNotice Endpoint. Executing a manipulation can lead to cross site scripting. The attack can be...
PT-2026-29448
A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by this vulnerability is an unknown functionality of the file /web/src/layout/components/Header/MessageList.vue of the component editNotice Endpoint. Executing a manipulation can lead to cross site scripting. The attack can be...
HotGo-V2 代码注入漏洞
HotGo-V2 is a secondary development framework developed by Meng Shuai as an individual project. Both the HotGo 1.0 and 2.0 versions contained code injection vulnerabilities. These vulnerabilities stemmed from incorrect operations on files located at...
CVE-2026-3683
A vulnerability was detected in bufanyun HotGo up to 2.0. This issue affects the function ImageTransferStorage of the file /server/internal/logic/common/upload.go of the component Endpoint. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit i...
EUVD-2026-10198
A vulnerability was detected in bufanyun HotGo up to 2.0. This issue affects the function ImageTransferStorage of the file /server/internal/logic/common/upload.go of the component Endpoint. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit i...
CVE-2026-3683
A vulnerability was detected in bufanyun HotGo up to 2.0. This issue affects the function ImageTransferStorage of the file /server/internal/logic/common/upload.go of the component Endpoint. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit i...
HotGo-V2 代码问题漏洞
HotGo-V2 is a secondary development framework developed by Meng Shuai as an individual project. Versions of HotGo 2.0 and earlier contained code vulnerabilities. These vulnerabilities stemmed from incorrect operations on functions in the componentEndpoint file, /server/,...
CVE-2026-3683 bufanyun HotGo Endpoint upload.go ImageTransferStorage server-side request forgery
A vulnerability was detected in bufanyun HotGo up to 2.0. This issue affects the function ImageTransferStorage of the file /server/internal/logic/common/upload.go of the component Endpoint. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit i...
CVE-2026-3683 bufanyun HotGo Endpoint upload.go ImageTransferStorage server-side request forgery
A vulnerability was detected in bufanyun HotGo up to 2.0. This issue affects the function ImageTransferStorage of the file /server/internal/logic/common/upload.go of the component Endpoint. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit i...
CVE-2026-3683
CVE-2026-3683 affects bufanyun HotGo (up to 2.0). The vulnerability is in Endpoint’s ImageTransferStorage function (file /server/internal/logic/common/upload.go) and causes server-side request forgery (SSRF). Impact is described as remote exploitability with low to moderate confidentiality/integr...
CVE-2026-3683
A vulnerability was detected in bufanyun HotGo up to 2.0. This issue affects the function ImageTransferStorage of the file /server/internal/logic/common/upload.go of the component Endpoint. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit i...
PT-2026-23892
A vulnerability was detected in bufanyun HotGo up to 2.0. This issue affects the function ImageTransferStorage of the file /server/internal/logic/common/upload.go of the component Endpoint. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit i...