CVE-2025-3790

A vulnerability classified as critical has been found in baseweb JSite 1.0. This affects an unknown part of the file /druid/index.html of the component Apache Druid Monitoring Console. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit...

CVE-2025-3790 baseweb JSite Apache Druid Monitoring Console index.html access control

A vulnerability classified as critical has been found in baseweb JSite 1.0. This affects an unknown part of the file /druid/index.html of the component Apache Druid Monitoring Console. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit...

CVE-2025-3790

CVE-2025-3790 affects baseweb JSite 1.0, impacting the /druid/index.html file of the Apache Druid Monitoring Console. Root cause: improper access controls that permit a remote attack. Public exploit details exist. All connected sources corroborate a lack of published fix/version update in the pro...

CVE-2025-3790 baseweb JSite Apache Druid Monitoring Console index.html access control

A vulnerability classified as critical has been found in baseweb JSite 1.0. This affects an unknown part of the file /druid/index.html of the component Apache Druid Monitoring Console. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit...

CVE-2025-3789 baseweb JSite save cross site scripting

A vulnerability was found in baseweb JSite 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /a/sys/area/save. The manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit has been...

CVE-2025-3789

CVE-2025-3789 affects baseweb JSite 1.0. The vulnerability is in the file /a/sys/area/save where manipulation of the Name parameter enables cross-site scripting. Exploitation is possible remotely, and public disclosure is noted. Connected sources consistently identify the affected component and a...

CVE-2025-3789 baseweb JSite save cross site scripting

A vulnerability was found in baseweb JSite 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /a/sys/area/save. The manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit has been...

CVE-2025-3788

A vulnerability was found in baseweb JSite 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /a/sys/user/save. The manipulation of the argument Name leads to cross site scripting. The attack can be launched remotely. The exploit has...

CVE-2025-3788

A vulnerability was found in baseweb JSite 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /a/sys/user/save. The manipulation of the argument Name leads to cross site scripting. The attack can be launched remotely. The exploit has...

CVE-2025-3788 baseweb JSite save cross site scripting

A vulnerability was found in baseweb JSite 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /a/sys/user/save. The manipulation of the argument Name leads to cross site scripting. The attack can be launched remotely. The exploit has...

CVE-2025-3788

CVE-2025-3788 affects baseweb JSite 1.0. The vulnerability is in the file /a/sys/user/save where manipulating the Name parameter leads to cross-site scripting; the attack can be launched remotely and exploit details have been publicly disclosed. Multiple connected sources corroborate the presence...

CVE-2025-3788 baseweb JSite save cross site scripting

A vulnerability was found in baseweb JSite 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /a/sys/user/save. The manipulation of the argument Name leads to cross site scripting. The attack can be launched remotely. The exploit has...

JSite 安全漏洞

JSite is JSite open source a backend management system rapid development framework . JSite 1.0 version has a security vulnerability , the vulnerability stems from the file /a/sys/user/save in the parameter Name operation leads to cross-site scripting attacks...

JSite 安全漏洞

JSite is JSite open source a backend management system rapid development framework. A security vulnerability exists in JSite version 1.0, which stems from improper access control of the file /druid/index.html...

JSite 代码注入漏洞

JSite is JSite open source rapid development framework for a backend management system . JSite 1.0 version of the code injection vulnerability , the vulnerability stems from the file /a/sys/area/save in the parameter Name operation leads to cross-site scripting attacks...

PT-2025-17262 · Unknown · Baseweb Jsite

Name of the Vulnerable Software and Affected Versions: baseweb JSite version 1.0 Description: A problematic issue was found in the software, affecting some unknown functionality of the file /a/sys/area/save. The manipulation of the Name argument leads to cross-site scripting. The attack may be...

PT-2025-17263 · Unknown +1 · Baseweb Jsite +1

Name of the Vulnerable Software and Affected Versions: baseweb JSite version 1.0 Description: A critical issue has been discovered, affecting the Apache Druid Monitoring Console, specifically the /druid/index.html file. This leads to improper access controls, allowing for remote attacks. The...

PT-2025-17261 · Unknown · Baseweb Jsite

Name of the Vulnerable Software and Affected Versions: baseweb JSite version 1.0 Description: A vulnerability was found in the file /a/sys/user/save, where the manipulation of the Name argument leads to cross-site scripting. The attack can be launched remotely. Recommendations: For baseweb JSite...

jsite 1.0 oe (sql/lfi) Multiple Vulnerabilities

No description provided by source. --==+================================================================================+==-- --==+ jSite 1.0 OE Multiple Remote SQL/LFI Vulnerbility +==-- --==+================================================================================+==--...

Sql injection

SQL injection vulnerability in admin/login.php in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...