aidigu 安全漏洞

aidigu Aidigu is an open source microblogging project by the individual developer SR.Lee lty628. A security vulnerability exists in aidigu 1.8.2 and earlier versions, which stems from a misuse of the parameter rememberMe leading to deserialization...

RuoYi Cross-Site Scripting Vulnerability

RuoYi is a backend management system by the individual developer of RuoYi in China. A cross-site scripting vulnerability exists in RuoYi version 4.7.8, which stems from a reflected cross-site scripting XSS vulnerability in the parameter rememberMe...

CVE-2022-35857

kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled. The rememberMe parameter is encrypted with a hardcoded key from the com.kalvin.kvf.common.shiro.ShiroConfig file...

CVE-2022-35857

kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled. The rememberMe parameter is encrypted with a hardcoded key from the com.kalvin.kvf.common.shiro.ShiroConfig file...

PT-2022-22971 · Kvf-Admin · Kvf-Admin

Name of the Vulnerable Software and Affected Versions: kvf-admin through 2022-02-12 Description: The issue allows remote attackers to execute arbitrary code because deserialization is mishandled. The rememberMe parameter is encrypted with a hardcoded key from the...

CVE-2020-19229

Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437. Because of this version of the java deserialization vulnerability, an attacker could exploit the vulnerability to execute arbitrary commands via the rememberMe parameter...

卓源软件 Jeesite 代码问题漏洞

Zhuo source software Jeesite is China's Zhuo source software company of a set of open source Java EE enterprise-class rapid development platform . The platform includes system permissions components , data permissions components , data dictionary components , core tools components , view...