Lucene search
K

35 matches found

RedhatCVE
RedhatCVE
added 2026/02/20 1:22 a.m.5 views

CVE-2026-2676

A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. Affected by this issue is the function preHandle of the file LoginInterceptor.java of the component API Interface. Executing a manipulation can lead to improper authorization. The attack may be...

6.5CVSS5.1AI score0.00272EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/18 10:2 p.m.28 views

CVE-2026-2676 GoogTech sms-ssm API LoginInterceptor.java preHandle improper authorization

A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. Affected by this issue is the function preHandle of the file LoginInterceptor.java of the component API Interface. Executing a manipulation can lead to improper authorization. The attack may be...

6.5CVSS0.00272EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.7 views

sms-ssm 授权问题漏洞

SMS-SSM is a student management system personally developed by HackHuang. There are authorization-related vulnerabilities in SMS-SSM; these vulnerabilities stem from improper authorization in the preHandle function within the LoginInterceptor.java file...

6.5CVSS6.6AI score0.00272EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-54909

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00406EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-54900

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00336EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-54891

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/30 6:20 p.m.5 views

CVE-2024-46412

Incorrect access control in the prehandle function of Rebuild v3.7.7 allows attackers to bypass authentication via a crafted GET request sent to /commons/ip-location...

6.5CVSS7AI score0.00406EPSS
Exploits0References1
NVD
NVD
added 2025/08/25 3:15 p.m.2 views

CVE-2024-46412

Incorrect access control in the prehandle function of Rebuild v3.7.7 allows attackers to bypass authentication via a crafted GET request sent to /commons/ip-location...

6.5CVSS0.00406EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/25 12:0 a.m.8 views

CVE-2024-46412

Incorrect access control in the prehandle function of Rebuild v3.7.7 allows attackers to bypass authentication via a crafted GET request sent to /commons/ip-location...

0.00406EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/25 12:0 a.m.5 views

Rebuild 安全漏洞

Rebuild is a highly customizable enterprise management system from getrebuild open source. A security vulnerability exists in Rebuild version v3.7.7, which stems from improper access control in the prehandle function and could lead to bypassing authentication via a specially crafted GET request...

6.5CVSS6.8AI score0.00406EPSS
Exploits0References3
CVE
CVE
added 2025/08/25 12:0 a.m.19 views

CVE-2024-46412

CVE-2024-46412 affects Rebuild v3.7.7. The issue is an incorrect access control in the prehandle function, allowing an attacker to bypass authentication by sending a crafted GET request to /commons/ip-location. Public sources in the connected documents corroborate this description across Red Hat ...

6.5CVSS7.3AI score0.00406EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/22 12:22 a.m.20 views

CVE-2024-57491

Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...

8.8CVSS7AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/22 12:22 a.m.7 views

CVE-2024-50640

jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...

9.8CVSS7.5AI score0.00492EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 5:15 p.m.7 views

CVE-2024-50640

jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...

9.8CVSS0.00492EPSS
Exploits0References1
OSV
OSV
added 2025/08/20 3:15 p.m.3 views

CVE-2024-57491

Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...

8.8CVSS5.7AI score0.00328EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 3:15 p.m.38 views

CVE-2024-57491

Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...

8.8CVSS0.00328EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 12:0 a.m.4 views

CVE-2024-53495

Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...

7AI score0.00348EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/08/20 12:0 a.m.4 views

CVE-2024-50640

jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...

7.5AI score0.00492EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 12:0 a.m.11 views

CVE-2024-50640

jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...

0.00492EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.15 views

PT-2025-34146 · My-Site · My-Site

Name of the Vulnerable Software and Affected Versions: my-site version 1.0.2 Description: Incorrect access control in the preHandle function allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class. Recommendations: Update to a...

7.5CVSS6.6AI score0.00348EPSS
Exploits1References5
Rows per page
Query Builder