35 matches found
CVE-2024-50640
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...
CVE-2024-57491
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...
CVE-2024-50640
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...
CVE-2024-53495
Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...
PT-2025-34146 · My-Site · My-Site
Name of the Vulnerable Software and Affected Versions: my-site version 1.0.2 Description: Incorrect access control in the preHandle function allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class. Recommendations: Update to a...
Jeewx-Boot 安全漏洞
Jeewx-Boot is an official JEECG open source open source microsoft housekeeping platform. A security vulnerability exists in Jeewx-Boot version 1.3, which stems from an authentication bypass vulnerability in the preHandle function...
PT-2025-34138 · My-Site · My-Site
Name of the Vulnerable Software and Affected Versions: my-site version 1.0.2.RELEASE Description: Incorrect access control in the preHandle function allows attackers to access sensitive components without authentication. Recommendations: Apply updates to address the access control issue in the...
PT-2025-34114 · Unknown · Jeewx-Boot
Name of the Vulnerable Software and Affected Versions: jeewx-boot version 1.3 Description: jeewx-boot version 1.3 contains an authentication bypass vulnerability in the preHandle function. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
CVE-2024-57152
Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class...
CVE-2024-57491
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...
CVE-2025-8838 WinterChenS my-site Backend admin preHandle improper authentication
A vulnerability has been found in WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8. This vulnerability affects the function preHandle of the file /admin/ of the component Backend Interface. The manipulation of the argument uri leads to improper authentication. The attack can be...
CVE-2025-8756
A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper...
CVE-2025-8756
A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper...
CVE-2025-8756
TDuckCloud TDuck-Platform (versions up to 5.1) contains a vulnerability in the preHandle function of the AuthorizationInterceptor at /manage/ (component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor) that enables improper authorization. A remote attack is possible, and the exploit ...
Authentication Bypass
org.apache.iotdb:iotdb-grafana-connector is vulnerable to Authentication Bypass. The vulnerability exists due to insufficient checks in preHandle function of LoginInterceptor.java, which allows a remote attacker to bypass authentication mechanisms...