CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2025/03/11 8:31 p.m.•14 views

CVE-2025-2208 aitangbao springboot-manager Filename upload cross site scripting

CVE•added 2025/03/11 8:31 p.m.•53 views

CVE-2025-2208

CVE-2025-2208 affects aitangbao springboot-manager 3.0, specifically a vulnerability in the Filename Handler that processes the file at /sysFiles/upload. The issue arises from manipulation of the argument name, enabling cross-site scripting. It can be exploited remotely, and public exploits have ...

4.8CVSS3.3AI score0.00066EPSS

Exploits1References4Affected Software1

NVD•added 2025/03/11 8:15 p.m.•13 views

CVE-2025-2206

A vulnerability classified as problematic has been found in aitangbao springboot-manager 3.0. This affects an unknown part of the file /sys/permission. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclos...

OSV•added 2025/03/11 8:15 p.m.•1 views

CVE-2025-2207

A vulnerability classified as problematic was found in aitangbao springboot-manager 3.0. This vulnerability affects unknown code of the file /sys/dept. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the...

4.8CVSS3.8AI score

Exploits0References4

NVD•added 2025/03/11 8:15 p.m.•11 views

CVE-2025-2207

OSV•added 2025/03/11 8:15 p.m.•3 views

CVE-2025-2206

4.8CVSS3.9AI score0.00066EPSS

Cvelist•added 2025/03/11 8:0 p.m.•17 views

CVE-2025-2207 aitangbao springboot-manager dept cross site scripting

Vulnrichment•added 2025/03/11 8:0 p.m.•19 views

CVE-2025-2207 aitangbao springboot-manager dept cross site scripting

4.8CVSS3.5AI score0.00066EPSS

CVE•added 2025/03/11 8:0 p.m.•59 views

CVE-2025-2207

CVE-2025-2207 affects aitangbao springboot-manager 3.0. The vulnerability arises from manipulation of the argument name in code handling /sys/dept, resulting in cross-site scripting. The attack can be initiated remotely and the exploit has been disclosed publicly. Other parameters may also be aff...

4.8CVSS3.4AI score0.00066EPSS

Exploits1References4Affected Software1

CVE•added 2025/03/11 8:0 p.m.•52 views

CVE-2025-2206

Summary of CVE-2025-2206 (aitangbao springboot-manager 3.0) A vulnerability exists in aitangbao springboot-manager version 3.0 involving the file /sys/permission. The issue arises from manipulation of the name argument, which leads to cross-site scripting. The attack can be initiated remotely and...

4.8CVSS3.3AI score0.00066EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2025/03/11 8:0 p.m.•6 views

CVE-2025-2206 aitangbao springboot-manager permission cross site scripting

4.8CVSS3.4AI score0.00066EPSS

Cvelist•added 2025/03/11 8:0 p.m.•14 views

CVE-2025-2206 aitangbao springboot-manager permission cross site scripting

springboot-manager 代码注入漏洞

springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by an individual developer in China, liwenbin. A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting and...

springboot-manager 代码注入漏洞

springboot-manager 代码注入漏洞

CNNVD•added 2025/03/11 12:0 a.m.•1 views

springboot-manager 代码注入漏洞

CNNVD•added 2025/03/11 12:0 a.m.•1 views

springboot-manager 代码注入漏洞

springboot-manager 代码注入漏洞

springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by individual developer liwenbin in China. aitangbao A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting...