35 matches found
CVE-2026-2676
A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. Affected by this issue is the function preHandle of the file LoginInterceptor.java of the component API Interface. Executing a manipulation can lead to improper authorization. The attack may be...
CVE-2026-2676 GoogTech sms-ssm API LoginInterceptor.java preHandle improper authorization
A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. Affected by this issue is the function preHandle of the file LoginInterceptor.java of the component API Interface. Executing a manipulation can lead to improper authorization. The attack may be...
sms-ssm 授权问题漏洞
SMS-SSM is a student management system personally developed by HackHuang. There are authorization-related vulnerabilities in SMS-SSM; these vulnerabilities stem from improper authorization in the preHandle function within the LoginInterceptor.java file...
EUVD-2024-54909
Malicious code in bioql PyPI...
EUVD-2024-54900
Malicious code in bioql PyPI...
EUVD-2024-54891
Malicious code in bioql PyPI...
CVE-2024-46412
Incorrect access control in the prehandle function of Rebuild v3.7.7 allows attackers to bypass authentication via a crafted GET request sent to /commons/ip-location...
CVE-2024-46412
Incorrect access control in the prehandle function of Rebuild v3.7.7 allows attackers to bypass authentication via a crafted GET request sent to /commons/ip-location...
CVE-2024-46412
CVE-2024-46412 affects Rebuild v3.7.7. The issue is an incorrect access control in the prehandle function, allowing an attacker to bypass authentication by sending a crafted GET request to /commons/ip-location. Public sources in the connected documents corroborate this description across Red Hat ...
Rebuild 安全漏洞
Rebuild is a highly customizable enterprise management system from getrebuild open source. A security vulnerability exists in Rebuild version v3.7.7, which stems from improper access control in the prehandle function and could lead to bypassing authentication via a specially crafted GET request...
CVE-2024-46412
Incorrect access control in the prehandle function of Rebuild v3.7.7 allows attackers to bypass authentication via a crafted GET request sent to /commons/ip-location...
CVE-2024-57491
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...
CVE-2024-50640
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...
CVE-2024-50640
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...
CVE-2024-57491
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...
CVE-2024-57491
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...
CVE-2024-50640
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function...
CVE-2024-57152
Summary: CVE-2024-57152 affects my-site v1.0.2 due to incorrect access control in the preHandle function of the cn.luischen.interceptor.BaseInterceptor class, enabling unauthenticated access to sensitive components. The CVSS v3.1 base score is 7.5 (HIGH); attack vector is NETWORK, with LOW attack...
CVE-2024-57491
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...
PT-2025-34114 · Unknown · Jeewx-Boot
Name of the Vulnerable Software and Affected Versions: jeewx-boot version 1.3 Description: jeewx-boot version 1.3 contains an authentication bypass vulnerability in the preHandle function. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...