27 matches found
CVE-2023-43961
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
EUVD-2023-2827
Malicious code in bioql PyPI...
EUVD-2023-2651
Malicious code in bioql PyPI...
CVE-2023-44794
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
Authentication Bypass
SaToken is vulnerable to authentication bypass.The vulnerability is due to a lack of validation while fetching servlet path. The attacker is able to elevate his privileges to admin through a crafted HTTP request...
GHSA-54F6-9MX9-86F7 SaToken privilege escalation vulnerability
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
GHSA-W9VH-HV5G-7WMR SaToken authentication bypass vulnerability
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
SaToken privilege escalation vulnerability
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
SaToken authentication bypass vulnerability
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
CVE-2023-43961
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
CVE-2023-44794
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
CVE-2023-43961
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
CVE-2023-43961
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
CVE-2023-44794
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
CVE-2023-44794
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
Design/Logic Flaw
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
Authentication flaw
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
CVE-2023-43961
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...
CVE-2023-44794
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL...
SaToken authentication bypass vulnerability
An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass...