35 matches found
CVE-2025-8525
A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an unknown part of the component Spring Boot Admin/Spring Actuator. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-8525
A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an unknown part of the component Spring Boot Admin/Spring Actuator. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-8526 Exrick xboot UploadController.java upload unrestricted upload
A vulnerability was found in Exrick xboot up to 3.3.4. It has been declared as critical. This vulnerability affects the function Upload of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/UploadController.java. The manipulation of the argument File leads to...
CVE-2025-8526 Exrick xboot UploadController.java upload unrestricted upload
A vulnerability was found in Exrick xboot up to 3.3.4. It has been declared as critical. This vulnerability affects the function Upload of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/UploadController.java. The manipulation of the argument File leads to...
CVE-2025-8526
CVE-2025-8526 : Exrick xboot up to 3.3.4 contains a vulnerability in the UploadController.java Upload function. The parameter File can be manipulated to achieve unrestricted file upload. The issue is exploitable remotely and the exploit has been disclosed publicly. Affected software: Exrick xboot...
CVE-2025-8525 Exrick xboot Spring Boot Admin/Spring Actuator information disclosure
A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an unknown part of the component Spring Boot Admin/Spring Actuator. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-8525
CVE-2025-8525 affects Exrick xboot up to 3.3.4, with a root cause tied to an information disclosure in the area of Spring Boot Admin/Spring Actuator . The vulnerability can be triggered remotely and the exploit has been publicly disclosed. Multiple connected sources corroborate the same impact an...
XBoot 安全漏洞
XBoot is a one-stop front-end and back-end separation rapid development platform for Exrick individual developers. A security vulnerability exists in XBoot 3.3.4 and earlier versions, which stems from sensitive information being stored in a cookie in clear text...
XBoot 代码问题漏洞
XBoot is a one-stop front-end and back-end separation rapid development platform for Exrick individual developers. A code issue vulnerability exists in XBoot 3.3.4 and prior versions, which stems from a server-side request forgery due to incorrect manipulation of the loginUrl parameter...
XBoot 代码问题漏洞
XBoot is a one-stop front-end and back-end separation rapid development platform for Exrick individual developers. A code issue vulnerability exists in XBoot 3.3.4 and prior versions, which stems from an incorrect manipulation of the parameter File resulting in unlimited uploads...
XBoot 访问控制错误漏洞
XBoot is a one-stop front-end and back-end separation rapid development platform for Exrick individual developers. An access control error vulnerability exists in XBoot 3.3.4 and earlier versions, which stems from an information disclosure that allows an attacker to obtain sensitive information...
PT-2025-31864 · Exrick +1 · Exrick Xboot +2
Name of the Vulnerable Software and Affected Versions: Exrick xboot versions up to 3.3.4 Description: A vulnerability exists in Exrick xboot that may lead to information disclosure. The issue affects an unknown part of the component Spring Boot Admin/Spring Actuator and can be initiated remotely...
PT-2025-31867 · Exrick · Exrick Xboot
Name of the Vulnerable Software and Affected Versions: Exrick xboot versions up to 3.3.4 Description: A critical issue exists in Exrick xboot that allows for unrestricted file uploads. This is due to the manipulation of the File argument within the Upload function located in the file...
PT-2025-31873 · Exrick · Exrick Xboot
Name of the Vulnerable Software and Affected Versions: Exrick xboot versions through 3.3.4 Description: A problematic issue has been identified in Exrick xboot. The issue resides in an unknown function within the /xboot/permission/getMenuList file. Manipulation of this function results in the...
PT-2025-31870 · Exrick +1 · Exrick Xboot +1
Name of the Vulnerable Software and Affected Versions: Exrick xboot versions through 3.3.4 Description: A critical vulnerability exists in Exrick xboot related to the Swagger component. The issue involves server-side request forgery SSRF resulting from the manipulation of the loginUrl argument...