30 matches found
EUVD-2025-18832
Malicious code in bioql PyPI...
EUVD-2025-25787
Malicious code in bioql PyPI...
EUVD-2025-19325
Malicious code in bioql PyPI...
CVE-2025-9461
A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure...
CVE-2025-9461
A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure...
CVE-2025-9461
A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure...
CVE-2025-9461
CVE-2025-9461 affects diyhi bbs (versions up to 6.8; update to 6.9+ recommended) in the File Compression Handler, specifically in FilePackageManageAction.java. The vulnerability stems from manipulation of the idGroup argument, leading to information disclosure. Remote exploitation is possible and...
CVE-2025-9461 diyhi bbs File Compression FilePackageManageAction.java information disclosure
A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure...
CVE-2025-9461 diyhi bbs File Compression FilePackageManageAction.java information disclosure
A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure...
PT-2025-34733 · Diyhi Bbs · Diyhi Bbs
Name of the Vulnerable Software and Affected Versions: diyhi bbs versions prior to 6.9 Description: A weakness has been identified that may lead to information disclosure. This issue is related to the manipulation of the idGroup argument within an unknown function of the file...
diyhi bbs 安全漏洞
diyhi bbs patrol cloud light forum system is a forum system for diyhi individual developers. A security vulnerability exists in diyhi bbs version 6.8 and earlier, which originates from information leakage due to incorrect operation of the parameter idGroup in the file...
CVE-2025-6762
A vulnerability classified as critical has been found in diyhi bbs up to 6.8. This affects the function getUrl of the file /admin/login of the component HTTP Header Handler. The manipulation of the argument Host leads to server-side request forgery. It is possible to initiate the attack remotely...
CVE-2025-6762
A vulnerability classified as critical has been found in diyhi bbs up to 6.8. This affects the function getUrl of the file /admin/login of the component HTTP Header Handler. The manipulation of the argument Host leads to server-side request forgery. It is possible to initiate the attack remotely...
CVE-2025-6762
A vulnerability classified as critical has been found in diyhi bbs up to 6.8. This affects the function getUrl of the file /admin/login of the component HTTP Header Handler. The manipulation of the argument Host leads to server-side request forgery. It is possible to initiate the attack remotely...
CVE-2025-6762 diyhi bbs HTTP Header login getUrl server-side request forgery
A vulnerability classified as critical has been found in diyhi bbs up to 6.8. This affects the function getUrl of the file /admin/login of the component HTTP Header Handler. The manipulation of the argument Host leads to server-side request forgery. It is possible to initiate the attack remotely...
CVE-2025-6762
CVE-2025-6762 affects diyhi bbs up to version 6.8. The issue is in the HTTP Header Handler’s getUrl function for /admin/login, where manipulating the Host argument enables server-side request forgery (SSRF). Exploitation is possible remotely and has been disclosed publicly. Connected documents co...
CVE-2025-6762 diyhi bbs HTTP Header login getUrl server-side request forgery
A vulnerability classified as critical has been found in diyhi bbs up to 6.8. This affects the function getUrl of the file /admin/login of the component HTTP Header Handler. The manipulation of the argument Host leads to server-side request forgery. It is possible to initiate the attack remotely...
PT-2025-27142 · Diyhi Bbs · Diyhi Bbs
Name of the Vulnerable Software and Affected Versions: diyhi bbs versions up to 6.8 Description: A critical issue has been discovered that affects the getUrl function of the /admin/login file in the HTTP Header Handler component. The manipulation of the Host argument leads to server-side request...
diyhi bbs 安全漏洞
diyhi bbs patrol cloud light forum system is a forum system for diyhi individual developers. A security vulnerability exists in diyhi bbs version 6.8 and earlier, which stems from improper manipulation of the Host parameter in the getUrl function of the HTTP header processing component, which cou...
CVE-2025-6453
A vulnerability classified as critical has been found in diyhi bbs 6.8. Affected is the function Add of the file /src/main/java/cms/web/action/template/ForumManageAction.java of the component API. The manipulation of the argument dirName leads to path traversal. It is possible to launch the attac...