CVE-2024-53495

CVE-2024-53495 affects my-site v1.0.2.RELEASE. The root cause is incorrect access control in the preHandle function, permitting access to sensitive components without authentication. The vulnerability is rated CVSS v3.1 base score 7.5 (HIGH) with network attack vector, low exploit complexity, and...

CVE-2024-50640

jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...

CVE-2024-57491

Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...

CVE-2024-53495

Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication...

PT-2025-34146 · My-Site · My-Site

Name of the Vulnerable Software and Affected Versions: my-site version 1.0.2 Description: Incorrect access control in the preHandle function allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class. Recommendations: Update to a...

Jeewx-Boot 安全漏洞

Jeewx-Boot is an official JEECG open source open source microsoft housekeeping platform. A security vulnerability exists in Jeewx-Boot version 1.3, which stems from an authentication bypass vulnerability in the preHandle function...

PT-2025-34138 · My-Site · My-Site

Name of the Vulnerable Software and Affected Versions: my-site version 1.0.2.RELEASE Description: Incorrect access control in the preHandle function allows attackers to access sensitive components without authentication. Recommendations: Apply updates to address the access control issue in the...

CVE-2024-57491

Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...

PT-2025-34114 · Unknown · Jeewx-Boot

Name of the Vulnerable Software and Affected Versions: jeewx-boot version 1.3 Description: jeewx-boot version 1.3 contains an authentication bypass vulnerability in the preHandle function. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

CVE-2024-57152

Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class...

CVE-2025-8838 WinterChenS my-site Backend admin preHandle improper authentication

A vulnerability has been found in WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8. This vulnerability affects the function preHandle of the file /admin/ of the component Backend Interface. The manipulation of the argument uri leads to improper authentication. The attack can be...

CVE-2025-8756

A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper...

CVE-2025-8756

A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper...

CVE-2025-8756

TDuckCloud TDuck-Platform (versions up to 5.1) contains a vulnerability in the preHandle function of the AuthorizationInterceptor at /manage/ (component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor) that enables improper authorization. A remote attack is possible, and the exploit ...

Authentication Bypass

org.apache.iotdb:iotdb-grafana-connector is vulnerable to Authentication Bypass. The vulnerability exists due to insufficient checks in preHandle function of LoginInterceptor.java, which allows a remote attacker to bypass authentication mechanisms...