153 matches found
CVE-2025-8546
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects the function adminlogin/login of the component Verification Code Handler. The manipulation leads to guessable captcha. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-8546
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects the function adminlogin/login of the component Verification Code Handler. The manipulation leads to guessable captcha. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-8546 atjiu pybbs Verification Code login Captcha
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects the function adminlogin/login of the component Verification Code Handler. The manipulation leads to guessable captcha. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-8546
CVE-2025-8546 affects atjiu pybbs up to 6.0.0, specifically the Verification Code Handler’s function adminlogin/login . The issue allows a guessable captcha and can be exploited remotely; exploitation is publicly disclosed with a proof‑of‑concept. The patched fix is identified as ecaf8d46944fd03e...
pybbs 代码注入漏洞
pybbs is a community platform for Java development by iuiu individual developers. A code injection vulnerability exists in pybbs 6.0.0 and earlier versions, which stems from improper handling of the parameter Name in the file /admin/tag/list, which could lead to a cross-site scripting attack...
PT-2025-31903 · Unknown · Atjiu Pybbs
Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions up to 6.0.0 Description: A problematic issue exists in the Verification Code Handler component’s adminlogin/login function, leading to guessable captcha. This allows for remote exploitation. The exploit has been publicly...
pybbs 安全漏洞
pybbs is a community platform for Java development by iuiu individual developers. A security vulnerability exists in pybbs 6.0.0 and earlier versions, which stems from a weak password requirement in the function update in the file...
PT-2025-31905 · Unknown · Atjiu Pybbs
Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions up to 6.0.0 Description: A critical issue exists in the Email Verification Handler component, leading to improper authorization. The attack can be initiated remotely, and the exploit has been publicly disclosed...
PT-2025-31920 · Unknown · Atjiu Pybbs
Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions prior to 6.0.1 Description: A problematic issue exists in atjiu pybbs. The manipulation of the word argument in the /admin/sensitive word/list file leads to cross site scripting. The attack can be initiated remotely. The...
PT-2025-31911 · Unknown · Atjiu Pybbs
Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions prior to 6.0.0 Description: A vulnerability exists in atjiu pybbs up to version 6.0.0, affecting an unknown functionality within the /admin/topic/list file. Manipulation of the username parameter can lead to cross site...
pybbs 代码注入漏洞
pybbs is a community platform for Java development by iuiu individual developers. A code injection vulnerability exists in pybbs 6.0.0 and earlier versions, which stems from improper handling of the parameter Username in the file /admin/user/list, which could lead to a cross-site scripting attack...
PT-2025-31922 · Unknown · Atjiu Pybbs
Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions prior to 6.0.0 Description: A problematic issue exists in atjiu pybbs. The issue affects an unknown function within the /search file. Manipulation of the keyword argument can lead to cross site scripting XSS. The attack c...
PT-2025-31919 · Unknown · Atjiu Pybbs
Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions up to 6.0.0 Description: A problematic issue exists in atjiu pybbs up to version 6.0.0. The issue affects an unknown part of the file /admin/tag/list. Manipulation of the Name argument can lead to cross site scripting. Th...
pybbs 代码注入漏洞
pybbs is a community platform for Java development by iuiu individual developers. A code injection vulnerability exists in pybbs 6.0.0 and earlier versions, which stems from improper handling of the parameter Username in the file /admin/topic/list, which could lead to a cross-site scripting attac...
pybbs 代码注入漏洞
pybbs is a community platform for Java development by iuiu individual developers. A code injection vulnerability exists in pybbs 6.0.0 and earlier versions, which stems from improper handling of the parameter keyword in the file /search, and could lead to a cross-site scripting attack...
pybbs 安全漏洞
pybbs is a community platform for Java development by iuiu individual developers. A security vulnerability exists in pybbs 6.0.0 and earlier versions, which originates from an error message in the file src/main/java/co/yiiu/pybbs/controller/api/SettingsApiController.java in the function...
pybbs 安全漏洞
pybbs is a community platform for Java development by iuiu individual developers. A security vulnerability exists in pybbs 6.0.0 and earlier versions, which stems from a guessable CAPTCHA issue in the function adminlogin/login in the CAPTCHA handling component...
pybbs 代码注入漏洞
pybbs is a community platform for Java development by iuiu individual developers. A code injection vulnerability exists in pybbs 6.0.0 and earlier versions, which stems from improper handling of the parameter word in the file /admin/sensitiveword/list, which could lead to a cross-site scripting...
PT-2025-31906 · Unknown · Atjiu Pybbs
Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions prior to 6.0.0 Description: A problematic issue exists in the Registered Email Handler component of atjiu pybbs. This issue affects the sendEmailCode function within the...
PT-2025-31921 · Unknown · Atjiu Pybbs
Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions prior to 6.0.1 Description: A problematic issue has been found affecting the processing of the file /admin/user/list. Manipulation of the Username argument leads to cross site scripting. The attack can be initiated...