CVE-2025-8551 atjiu pybbs list cross site scripting

A vulnerability was found in atjiu pybbs up to 6.0.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/comment/list. The manipulation of the argument Username leads to cross site scripting. The attack may be launched remotely. The exploit h...

CVE-2025-8551

CVE-2025-8551 affects atjiu pybbs up to 6.0.0, where manipulating the Username parameter in /admin/comment/list causes cross-site scripting. The issue can be triggered remotely, and public exploits/patch details exist. A patch is available: 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22; apply it to fix.

CVE-2025-8550

A vulnerability was found in atjiu pybbs up to 6.0.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/topic/list. The manipulation of the argument Username leads to cross site scripting. The attack can be launched remotely. The...

CVE-2025-8550

A vulnerability was found in atjiu pybbs up to 6.0.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/topic/list. The manipulation of the argument Username leads to cross site scripting. The attack can be launched remotely. The...

CVE-2025-8549

A vulnerability was found in atjiu pybbs up to 6.0.0. It has been classified as critical. Affected is the function update of the file src/main/java/co/yiiu/pybbs/controller/admin/UserAdminController.java. The manipulation leads to weak password requirements. It is possible to launch the attack...

CVE-2025-8549

A vulnerability was found in atjiu pybbs up to 6.0.0. It has been classified as critical. Affected is the function update of the file src/main/java/co/yiiu/pybbs/controller/admin/UserAdminController.java. The manipulation leads to weak password requirements. It is possible to launch the attack...

CVE-2025-8548

A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function sendEmailCode of the file src/main/java/co/yiiu/pybbs/controller/api/SettingsApiController.java of the component Registered Email Handler. The manipulation of the argument email lea...

CVE-2025-8548

A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function sendEmailCode of the file src/main/java/co/yiiu/pybbs/controller/api/SettingsApiController.java of the component Registered Email Handler. The manipulation of the argument email lea...

CVE-2025-8550

CVE-2025-8550 affects atjiu pybbs up to version 6.0.0, with a cross-site scripting flaw in /admin/topic/list triggered by manipulating the Username parameter. The vulnerability is network‑based and has been publicly disclosed; PoC/exploitation materials exist (e.g., ExploitDB, PT-Security notes, ...

CVE-2025-8550 atjiu pybbs list cross site scripting

A vulnerability was found in atjiu pybbs up to 6.0.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/topic/list. The manipulation of the argument Username leads to cross site scripting. The attack can be launched remotely. The...

CVE-2025-8550 atjiu pybbs list cross site scripting

A vulnerability was found in atjiu pybbs up to 6.0.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/topic/list. The manipulation of the argument Username leads to cross site scripting. The attack can be launched remotely. The...

CVE-2025-8549

The CVE-2025-8549 entry concerns atjiu pybbs up to version 6.0.0. The vulnerable component is the update function in src/main/java/co/yiiu/pybbs/controller/admin/UserAdminController.java, where manipulation leads to weak password requirements. The issue is remotely exploitable with high attack co...

CVE-2025-8549 atjiu pybbs UserAdminController.java update weak password

A vulnerability was found in atjiu pybbs up to 6.0.0. It has been classified as critical. Affected is the function update of the file src/main/java/co/yiiu/pybbs/controller/admin/UserAdminController.java. The manipulation leads to weak password requirements. It is possible to launch the attack...

CVE-2025-8547

A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2025-8547

A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2025-8548 atjiu pybbs Registered Email SettingsApiController.java sendEmailCode information exposure

A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function sendEmailCode of the file src/main/java/co/yiiu/pybbs/controller/api/SettingsApiController.java of the component Registered Email Handler. The manipulation of the argument email lea...

CVE-2025-8548 atjiu pybbs Registered Email SettingsApiController.java sendEmailCode information exposure

A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function sendEmailCode of the file src/main/java/co/yiiu/pybbs/controller/api/SettingsApiController.java of the component Registered Email Handler. The manipulation of the argument email lea...

CVE-2025-8548

Affects atjiu pybbs up to 6.0.0 in the Registered Email Handler: the sendEmailCode function (SettingsApiController.java) exposes information via error messages when the email argument is manipulated. The issue can be remotely triggered with high attack complexity; exploitation is publicly disclos...

CVE-2025-8547 atjiu pybbs Email Verification improper authorization

A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2025-8547 atjiu pybbs Email Verification improper authorization

A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the...