46 matches found
CVE-2025-13810
A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of the file src/main/java/com/jsnjfz/manage/modular/system/controller/KaptchaController.java. Performing a manipulation results in path traversal. It is possible to initiate the attack remotely. The...
CVE-2025-13810 jsnjfz WebStack-Guns KaptchaController.java renderPicture path traversal
A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of the file src/main/java/com/jsnjfz/manage/modular/system/controller/KaptchaController.java. Performing a manipulation results in path traversal. It is possible to initiate the attack remotely. The...
CVE-2025-13810 jsnjfz WebStack-Guns KaptchaController.java renderPicture path traversal
A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of the file src/main/java/com/jsnjfz/manage/modular/system/controller/KaptchaController.java. Performing a manipulation results in path traversal. It is possible to initiate the attack remotely. The...
CVE-2025-13810
CVE-2025-13810 affects jsnjfz WebStack-Guns 1.0. The path traversal vulnerability occurs in KaptchaController.java.renderPicture, where parameter manipulation enables unauthorized file path access. Descriptions indicate a remote attack vector with a publicly available exploit, and vendor contacte...
WebStack-Guns SQL注入漏洞
WebStack-Guns is an open source URL navigation website project by Dana Keeling, an individual developer, with a backend based on Guns and Springboot. A SQL injection vulnerability exists in WebStack-Guns version 1.0, which stems from the incorrect manipulation of the parameter sort in the file...
PT-2025-48415
A vulnerability was determined in jsnjfz WebStack-Guns 1.0. This vulnerability affects unknown code of the file src/main/java/com/jsnjfz/manage/core/common/constant/factory/PageFactory.java. Executing manipulation of the argument sort can lead to sql injection. It is possible to launch the attack...
WebStack-Guns 路径遍历漏洞
WebStack-Guns is Dana Keeling individual developer of an open source web site navigation website project , backend based on Guns and Springboot. WebStack-Guns 1.0 version of a path traversal vulnerability , the vulnerability stems from the file KaptchaController.java function renderPicture...
PT-2025-48414
A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of the file src/main/java/com/jsnjfz/manage/modular/system/controller/KaptchaController.java. Performing manipulation results in path traversal. It is possible to initiate the attack remotely. The explo...
EUVD-2025-17559
Malicious code in bioql PyPI...
EUVD-2025-17565
Malicious code in bioql PyPI...
CVE-2025-5888
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may b...
CVE-2025-5887
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been classified as problematic. Affected is an unknown function of the file UserMgrController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack...
CVE-2025-5888
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may b...
CVE-2025-5888
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may b...
CVE-2025-5888 jsnjfz WebStack-Guns cross-site request forgery
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may b...
CVE-2025-5888 jsnjfz WebStack-Guns cross-site request forgery
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may b...
CVE-2025-5888
CVE-2025-5888 affects jsnjfz WebStack-Guns 1.0. The vulnerability is a cross-site request forgery (CSRF) in an unspecified functionality, with the attack described as remotely exploitable and the public disclosure already made. Multiple sources (NVD and related feeds) corroborate CSRF as the issu...
CVE-2025-5887
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been classified as problematic. Affected is an unknown function of the file UserMgrController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack...
CVE-2025-5887
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been classified as problematic. Affected is an unknown function of the file UserMgrController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack...
CVE-2025-5887 jsnjfz WebStack-Guns File Upload UserMgrController.java cross site scripting
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been classified as problematic. Affected is an unknown function of the file UserMgrController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack...