82 matches found
CVE-2024-53495
Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...
CVE-2024-50640
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...
CVE-2024-57491
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...
CVE-2024-57491
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...
my-site 安全漏洞
my-site is WinterChenS individual developer's personal website based on springboot2.0 development, integrated: personal home page, personal blog, personal works. A security vulnerability exists in my-site v1.0.2, which stems from improper access control of the preHandle function in the...
CVE-2024-50640
CVE-2024-50640 affects jeewx-boot 1.3, with an authentication bypass in the preHandle function. Root cause: bypasses authentication logic in preHandle. CVSSv3.1 base score 9.8 (CRITICAL) - Network attack, no user interaction, high confidentiality/integrity/availability impact. No patch/fix versio...
CVE-2024-53495
CVE-2024-53495 affects my-site v1.0.2.RELEASE. The root cause is incorrect access control in the preHandle function, permitting access to sensitive components without authentication. The vulnerability is rated CVSS v3.1 base score 7.5 (HIGH) with network attack vector, low exploit complexity, and...
CVE-2024-50640
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...
CVE-2024-57491
CVE-2024-57491 affects jobx (up to v1.0.1-RELEASE). The vulnerability is an authentication bypass in the preHandle function, allowing access to sensitive APIs without a token. CVSSv3.1 base score 8.8 (HIGH) with network attack vector, low attack complexity, no privileges required, user interactio...
CVE-2024-57152
Summary: CVE-2024-57152 affects my-site v1.0.2 due to incorrect access control in the preHandle function of the cn.luischen.interceptor.BaseInterceptor class, enabling unauthenticated access to sensitive components. The CVSS v3.1 base score is 7.5 (HIGH); attack vector is NETWORK, with LOW attack...
CVE-2024-50640
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...
CVE-2024-53495
Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...
CVE-2024-57491
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...
CVE-2024-53495
Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...
PT-2025-34146 · My-Site · My-Site
Name of the Vulnerable Software and Affected Versions: my-site version 1.0.2 Description: Incorrect access control in the preHandle function allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class. Recommendations: Update to a...
PT-2025-34138 · My-Site · My-Site
Name of the Vulnerable Software and Affected Versions: my-site version 1.0.2.RELEASE Description: Incorrect access control in the preHandle function allows attackers to access sensitive components without authentication. Recommendations: Apply updates to address the access control issue in the...
my-site 安全漏洞
my-site is WinterChenS individual developer's personal website based on springboot2.0 development, integrated: personal home page, personal blog, personal works. A security vulnerability exists in my-site v1.0.2, which stems from improper access control of the preHandle function, which could lead...
Jeewx-Boot 安全漏洞
Jeewx-Boot is an official JEECG open source open source microsoft housekeeping platform. A security vulnerability exists in Jeewx-Boot version 1.3, which stems from an authentication bypass vulnerability in the preHandle function...
CVE-2024-57152
Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class...
PT-2025-34114 · Unknown · Jeewx-Boot
Name of the Vulnerable Software and Affected Versions: jeewx-boot version 1.3 Description: jeewx-boot version 1.3 contains an authentication bypass vulnerability in the preHandle function. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...