35 matches found
CVE-2026-2676
A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. Affected by this issue is the function preHandle of the file LoginInterceptor.java of the component API Interface. Executing a manipulation can lead to improper authorization. The attack may be...
CVE-2026-2676 GoogTech sms-ssm API LoginInterceptor.java preHandle improper authorization
A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. Affected by this issue is the function preHandle of the file LoginInterceptor.java of the component API Interface. Executing a manipulation can lead to improper authorization. The attack may be...
sms-ssm 授权问题漏洞
SMS-SSM is a student management system personally developed by HackHuang. There are authorization-related vulnerabilities in SMS-SSM; these vulnerabilities stem from improper authorization in the preHandle function within the LoginInterceptor.java file...
EUVD-2024-54909
Malicious code in bioql PyPI...
EUVD-2024-54900
Malicious code in bioql PyPI...
EUVD-2024-54891
Malicious code in bioql PyPI...
CVE-2024-46412
Incorrect access control in the prehandle function of Rebuild v3.7.7 allows attackers to bypass authentication via a crafted GET request sent to /commons/ip-location...
CVE-2024-46412
Incorrect access control in the prehandle function of Rebuild v3.7.7 allows attackers to bypass authentication via a crafted GET request sent to /commons/ip-location...
CVE-2024-46412
Incorrect access control in the prehandle function of Rebuild v3.7.7 allows attackers to bypass authentication via a crafted GET request sent to /commons/ip-location...
Rebuild 安全漏洞
Rebuild is a highly customizable enterprise management system from getrebuild open source. A security vulnerability exists in Rebuild version v3.7.7, which stems from improper access control in the prehandle function and could lead to bypassing authentication via a specially crafted GET request...
CVE-2024-46412
CVE-2024-46412 affects Rebuild v3.7.7. The issue is an incorrect access control in the prehandle function, allowing an attacker to bypass authentication by sending a crafted GET request to /commons/ip-location. Public sources in the connected documents corroborate this description across Red Hat ...
CVE-2024-57491
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...
CVE-2024-50640
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...
CVE-2024-50640
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...
CVE-2024-57491
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...
CVE-2024-57491
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...
CVE-2024-53495
Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...
CVE-2024-50640
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...
CVE-2024-50640
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...
PT-2025-34146 · My-Site · My-Site
Name of the Vulnerable Software and Affected Versions: my-site version 1.0.2 Description: Incorrect access control in the preHandle function allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class. Recommendations: Update to a...