13 matches found
EUVD-2026-19024
A vulnerability was detected in QingdaoU OnlineJudge up to 1.6.1. Affected by this issue is the function serviceurl of the file JudgeServer.serviceurl of the component judgeserverheartbeat Endpoint. The manipulation results in server-side request forgery. It is possible to launch the attack...
CVE-2026-5538 QingdaoU OnlineJudge judge_server_heartbeat Endpoint JudgeServer.service_url server-side request forgery
A vulnerability was detected in QingdaoU OnlineJudge up to 1.6.1. Affected by this issue is the function serviceurl of the file JudgeServer.serviceurl of the component judgeserverheartbeat Endpoint. The manipulation results in server-side request forgery. It is possible to launch the attack...
CVE-2026-5538
A vulnerability was detected in QingdaoU OnlineJudge up to 1.6.1. Affected by this issue is the function serviceurl of the file JudgeServer.serviceurl of the component judgeserverheartbeat Endpoint. The manipulation results in server-side request forgery. It is possible to launch the attack...
CVE-2026-5538
CVE-2026-5538 affects QingdaoU OnlineJudge up to 1.6.1. The issue lies in the function service_url of JudgeServer.service_url within the judge_server_heartbeat Endpoint, where manipulation enables server-side request forgery. The vulnerability is exploitable remotely. The vendor has been contacte...
PT-2026-30409
A vulnerability was detected in QingdaoU OnlineJudge up to 1.6.1. Affected by this issue is the function service url of the file JudgeServer.service url of the component judge server heartbeat Endpoint. The manipulation results in server-side request forgery. It is possible to launch the attack...
OnlineJudge 代码问题漏洞
OnlineJudge is an online programming evaluation system developed by Qingdao University. Versions of OnlineJudge 1.6.1 and earlier contained code vulnerabilities due to a flaw in the serviceurl function, which involved server-side request forgery...
EUVD-2018-8213
Malware in sbrugna...
CVE-2018-16367
In OnlineJudge 2.0, the sandbox has an incorrect access control vulnerability that can write a file anywhere. A user can write a directory listing to /tmp, and can leak file data with a include...
CVE-2018-16367
In OnlineJudge 2.0, the sandbox has an incorrect access control vulnerability that can write a file anywhere. A user can write a directory listing to /tmp, and can leak file data with a include...
Improper access control
In OnlineJudge 2.0, the sandbox has an incorrect access control vulnerability that can write a file anywhere. A user can write a directory listing to /tmp, and can leak file data with a include...
CVE-2018-16367
CVE-2018-16367 affects OnlineJudge 2.0 via the sandbox, which has an incorrect access control vulnerability that allows writing a file anywhere. An attacker can write a directory listing to /tmp and leak file data with a #include. Public references indicate a high/critical impact, including compl...
CVE-2018-16367
In OnlineJudge 2.0, the sandbox has an incorrect access control vulnerability that can write a file anywhere. A user can write a directory listing to /tmp, and can leak file data with a include...
Hustoj is HUST ACM OnlineJudge "fckeditor" file upload security issue
Description A security issue has been discovered in Hustoj is HUST ACM OnlineJudge, which can be exploited by malicious people to bypass certain security restrictions. Access to the enabled FCKeditor component is not properly restricted, which can be exploited to e.g upload files of certain types...