CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class...

7.5CVSS7.3AI score0.00348EPSS

Exploits1References1

RedhatCVE•added 2025/08/22 12:22 a.m.•6 views

CVE-2024-53495

Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...

7.5CVSS7.1AI score0.00348EPSS

Exploits1References1

CNNVD•added 2025/08/22 12:0 a.m.•5 views

my-site 安全漏洞

my-site is WinterChenS individual developer's personal website based on springboot2.0 development, integrated: personal home page, personal blog, personal works. A security vulnerability exists in version 1.0.2.RELEASE of my-site, which stems from improper access control of the doFilter function...

9.8CVSS6.6AI score0.00545EPSS

Exploits1References3

Vulnrichment•added 2025/08/22 12:0 a.m.•3 views

CVE-2024-53496

Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...

6.4AI score0.00545EPSS

Exploits1References2

Positive Technologies•added 2025/08/22 12:0 a.m.•6 views

PT-2025-34470 · My-Site · My-Site

Name of the Vulnerable Software and Affected Versions: my-site version 1.0.2.RELEASE Description: An incorrect access control issue exists in the doFilter function, allowing attackers to access sensitive components without authentication. Recommendations: Apply updates to address the access contr...

9.8CVSS7.1AI score0.00545EPSS

Exploits1References6

Cvelist•added 2025/08/22 12:0 a.m.•9 views

CVE-2024-53496

Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...

0.00545EPSS

Exploits1References2

CVE•added 2025/08/22 12:0 a.m.•18 views

CVE-2024-53496

The CVE-2024-53496 entry concerns my-site v1.0.2.RELEASE, where an incorrect access control in the doFilter function can allow an unauthenticated user to reach sensitive components. The issue is characterized as high-risk (CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U with C/H/I/A = High; base score 9.8). So...

9.8CVSS6.5AI score0.00545EPSS

Exploits1References2Affected Software1

OSV•added 2025/08/20 7:15 p.m.•1 views

CVE-2024-57152

Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class...

7.5CVSS5.8AI score

Exploits0References1

OSV•added 2025/08/20 6:15 p.m.•0 views

CVE-2024-53495

Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...

7.5CVSS5.8AI score

Exploits0References1

NVD•added 2025/08/20 6:15 p.m.•4 views

CVE-2024-53495

Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...

7.5CVSS0.00348EPSS

Exploits1References1

OSV•added 2025/08/20 5:15 p.m.•3 views

CVE-2025-50904

There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 2025-06-11. An attacker can exploit this vulnerability to access /admin/ API without any token...

9.8CVSS5.8AI score0.00415EPSS

Exploits1References1

NVD•added 2025/08/20 5:15 p.m.•5 views

CVE-2025-50904

There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 2025-06-11. An attacker can exploit this vulnerability to access /admin/ API without any token...

9.8CVSS0.00415EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by