306 matches found

OSSF Malicious Packages
added 2025/06/10 4:49 a.m., 3 views

Malicious code in springboot-md (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a8c54ec931e96de6b2788e07cecb1d64ae325d3df32749035073a24f1a762c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0, References: 1

OSV
added 2025/06/10 4:49 a.m., 1 view

MAL-2025-4888 Malicious code in springboot-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 767553d0189c47e072ca2eccece5b848745a1f6faaf34987293d9232d32f48fa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits: 0, References: 1

CNNVD
added 2025/06/09 12:00 a.m., 2 views

WebStack-Guns security vulnerability

WebStack-Guns is an open source URL navigation website project by Dana Keeling, an individual developer, with a backend based on Guns and Springboot. A security vulnerability exists in WebStack-Guns version 1.0, which stems from vulnerability to cross-site request forgery attacks...

6.5 CVSS, 4.8 AI score, 0.00167 EPSS
Exploits: 1, References: 7

CNNVD
added 2025/06/03 12:00 a.m., 2 views

shiyi-blog security vulnerability

shiyi-blog is a blog system with a separated vue+springboot front end and back end, by the individual developer bule. A security vulnerability exists in shiyi-blog 1.2.1 and earlier versions, which stems from an improper authorization issue...

7.5 CVSS, 5.4 AI score, 0.00227 EPSS
Exploits: 1, References: 6

CNNVD
added 2025/06/03 12:00 a.m., 1 view

shiyi-blog security vulnerability

shiyi-blog is a blog system with a separated vue+springboot front end and back end, by the individual developer bule. A security vulnerability exists in shiyi-blog 1.2.1 and earlier versions, which stems from path traversal due to incorrect operation of the file/source parameter...

9.8 CVSS, 6.4 AI score, 0.00837 EPSS
Exploits: 1, References: 6

Packet Storm
added 2025/05/26 12:00 a.m., 84 views

Java-springboot-codebase 1.1 Arbitrary File Read

Java-springboot-codebase version 1.1 suffers from an arbitrary file read vulnerability. Exploit Title: Java-springboot-codebase 1.1 - Arbitrary File Read Google Dork: Date: 23/May/2025 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link:...

8.7 CVSS, 7.1 AI score, 0.06841 EPSS
Exploits: 4

Exploit DB
added 2025/05/25 12:00 a.m., 306 views

Java-springboot-codebase 1.1 - Arbitrary File Read

Exploit Title: Java-springboot-codebase 1.1 - Arbitrary File Read Google Dork: Date: 23/May/2025 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link: https://github.com/OsamaTaher/Java-springboot-codebase Version: app version 1.1 Tested on:...

8.7 CVSS, 7 AI score, 0.06841 EPSS
Exploits: 4

RedhatCVE
added 2025/05/23 9:38 a.m., 6 views

CVE-2024-24061

springboot-manager v1.6 is vulnerable to Cross Site Scripting XSS via /sysContent/add...

5.4 CVSS, 5.3 AI score, 0.00077 EPSS
Exploits: 1, References: 1

RedhatCVE
added 2025/05/23 9:37 a.m., 8 views

CVE-2024-24062

springboot-manager v1.6 is vulnerable to Cross Site Scripting XSS via /sys/role...

5.4 CVSS, 5.3 AI score, 0.00113 EPSS
Exploits: 1, References: 1

RedhatCVE
added 2025/05/23 9:37 a.m., 7 views

CVE-2024-24059

springboot-manager v1.6 is vulnerable to Arbitrary File Upload. The system does not filter the suffixes of uploaded files...

6.1 CVSS, 6.8 AI score, 0.00153 EPSS
Exploits: 1, References: 1

RedhatCVE
added 2025/05/23 9:37 a.m., 9 views

CVE-2024-24060

springboot-manager v1.6 is vulnerable to Cross Site Scripting XSS via /sys/user...

5.4 CVSS, 5.3 AI score, 0.00101 EPSS
Exploits: 1, References: 1

RedhatCVE
added 2025/05/23 7:36 a.m., 2 views

CVE-2024-13201

A vulnerability has been found in wander-chu SpringBoot-Blog 1.0 and classified as critical. This vulnerability affects the function upload of the file src/main/java/com/my/blog/website/controller/admin/AttachtController.java of the component Admin Attachment Handler. The manipulation of the...

7.2 CVSS, 4.8 AI score, 0.00074 EPSS
Exploits: 1, References: 1

RedhatCVE
added 2025/05/23 7:34 a.m., 2 views

CVE-2024-13202

A vulnerability was found in wander-chu SpringBoot-Blog 1.0 and classified as problematic. This issue affects the function modifiyArticle of the file src/main/java/com/my/blog/website/controller/admin/PageController.java of the component Blog Article Handler. The manipulation of the argument...

5.4 CVSS, 3.6 AI score, 0.0011 EPSS
Exploits: 1, References: 1

RedhatCVE
added 2025/05/07 12:24 a.m., 11 views

CVE-2025-45618

Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis-springboot v0.0.1.RELEASE allows attackers to access sensitive information via a crafted payload...

6.5 CVSS, 6.4 AI score, 0.00212 EPSS
Exploits: 1, References: 1

NVD
added 2025/05/05 8:15 p.m., 8 views

CVE-2025-45618

Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis-springboot v0.0.1.RELEASE allows attackers to access sensitive information via a crafted payload...

6.5 CVSS, 0.00212 EPSS
Exploits: 1, References: 1

Vulnrichment
added 2025/05/05 12:00 a.m., 4 views

CVE-2025-45618

Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis-springboot v0.0.1.RELEASE allows attackers to access sensitive information via a crafted payload...

6.1 AI score, 0.00212 EPSS
Exploits: 1, References: 1

CVE
added 2025/05/05 12:00 a.m., 47 views

CVE-2025-45618

CVE-2025-45618 affects jeeweb-mybatis-springboot v0.0.1.RELEASE, with an incorrect access control issue in the component /admin/sys/datasource/ajaxList. The vulnerability allows an attacker to access sensitive information via a crafted payload. The public documentation consistently states imprope...

6.5 CVSS, 6.1 AI score, 0.00212 EPSS
Exploits: 1, References: 1, Affected Software: 1

CNNVD
added 2025/05/05 12:00 a.m., 1 view

jeeweb-mybatis-springboot security vulnerability

jeeweb-mybatis-springboot is a Java web distributed development system by the individual developer huangjian888. A security vulnerability exists in jeeweb-mybatis-springboot v0.0.1, which stems from improper access control of the component /admin/sys/datasource/ajaxList, which could result in access ...

6.5 CVSS, 6.7 AI score, 0.00212 EPSS
Exploits: 1, References: 1

Cvelist
added 2025/05/05 12:00 a.m., 7 views

CVE-2025-45618

Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis-springboot v0.0.1.RELEASE allows attackers to access sensitive information via a crafted payload...

0.00212 EPSS
Exploits: 1, References: 1

RedhatCVE
added 2025/04/29 4:15 a.m., 14 views

CVE-2025-3957

A vulnerability was found in opplus springboot-admin 1.0 and classified as critical. This issue affects some unknown processing of the file \src\main\resources\mapper\sys\SysLogDao.xml. The manipulation of the argument order leads to sql injection. The attack may be initiated remotely. The exploi...

9.8 CVSS, 7.4 AI score, 0.0005 EPSS
Exploits: 1, References: 1