CVE-2025-70982

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data...

CVE-2025-70982

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data...

PT-2026-4774

Name of the Vulnerable Software and Affected Versions SpringBlade version 4.5.0 Description A flaw exists in the importUser function that allows attackers with limited privileges to import sensitive user data without proper authorization. The issue is due to incorrect access control...

CVE-2025-70982

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data...

SpringBlade security vulnerabilities

SpringBlade is a microservices development platform developed by Blade China. Version 4.5.0 of SpringBlade contains a security vulnerability. This vulnerability stems from improper access control in the importUser function, which may allow arbitrary import of sensitive user data...

CVE-2025-70982

CVE-2025-70982 affects SpringBlade v4.5.0 and stems from incorrect access control in the importUser function , enabling attackers with low-level privileges to arbitrarily import sensitive user data. The CVE is rated CRITICAL (CVSS 3.1: 9.9) with vectors: AV=N/AC=L/PR=L/UI=N/S=C/C=H/I=H/A=H. Impac...

EUVD-2025-206355

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data...

ASUSTOR AS6202T ADM Unrestricted File Upload Vulnerability

ASUSTOR AS6202T ADM is a dedicated operating system for ASUSTOR NAS storage devices from ASUSTOR. An arbitrary file upload vulnerability exists in the importuser.cgi file in ASUSTOR AS6202T ADM version 3.1.0.RFQ3, which stems from the program's failure to validate file extensions. An attacker can...