63 matches found
CVE-2026-3405
A vulnerability has been found in thinkgem JeeSite up to 5.15.1. The affected element is an unknown function of the component Connection Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The...
CVE-2026-3404
A flaw has been found in thinkgem JeeSite up to 5.15.1. Impacted is an unknown function of the file /com/jeesite/common/shiro/cas/CasOutHandler.java of the component Endpoint. Executing a manipulation can lead to xml external entity reference. The attack may be performed from remote. Attacks of...
CVE-2026-3405
A vulnerability has been found in thinkgem JeeSite up to 5.15.1. The affected element is an unknown function of the component Connection Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The...
EUVD-2026-9138
A vulnerability has been found in thinkgem JeeSite up to 5.15.1. The affected element is an unknown function of the component Connection Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The...
CVE-2026-3405 thinkgem JeeSite Connection path traversal
A vulnerability has been found in thinkgem JeeSite up to 5.15.1. The affected element is an unknown function of the component Connection Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The...
CVE-2026-3405
CVE-2026-3405 affects thinkgem JeeSite up to 5.15.1, in the Connection Handler component. The issue is a path traversal vulnerability that can be triggered remotely. Documents consistently describe the attack as having high complexity and that exploitability is difficult, with the exploit details...
CVE-2026-3405
A vulnerability has been found in thinkgem JeeSite up to 5.15.1. The affected element is an unknown function of the component Connection Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The...
CVE-2026-3405 thinkgem JeeSite Connection path traversal
A vulnerability has been found in thinkgem JeeSite up to 5.15.1. The affected element is an unknown function of the component Connection Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The...
CVE-2026-3404 thinkgem JeeSite Endpoint CasOutHandler.java xml external entity reference
A flaw has been found in thinkgem JeeSite up to 5.15.1. Impacted is an unknown function of the file /com/jeesite/common/shiro/cas/CasOutHandler.java of the component Endpoint. Executing a manipulation can lead to xml external entity reference. The attack may be performed from remote. Attacks of...
PT-2026-22535
A flaw has been found in thinkgem JeeSite up to 5.15.1. Impacted is an unknown function of the file /com/jeesite/common/shiro/cas/CasOutHandler.java of the component Endpoint. Executing a manipulation can lead to xml external entity reference. The attack may be performed from remote. Attacks of...
PT-2026-22536
Name of the Vulnerable Software and Affected Versions thinkgem JeeSite versions up to 5.15.1 Description A path traversal issue exists in thinkgem JeeSite, specifically within the Connection Handler component. The issue allows for remote attacks with high complexity, though exploitability is...
EUVD-2025-21826
Malicious code in bioql PyPI...
EUVD-2025-16275
Malicious code in bioql PyPI...
EUVD-2025-21987
Malicious code in bioql PyPI...
EUVD-2025-21985
Malicious code in bioql PyPI...
EUVD-2025-21875
Malicious code in bioql PyPI...
EUVD-2024-48946
Malicious code in bioql PyPI...
EUVD-2025-26363
Malicious code in bioql PyPI...
EUVD-2025-21988
Malicious code in bioql PyPI...
CVE-2025-9796
A vulnerability was found in thinkgem JeeSite up to 5.12.1. This affects the function decodeUrl2 of the file common/src/main/java/com/jeesite/common/codec/EncodeUtils.java. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been made...