Lucene search
K

120 matches found

Cvelist
Cvelist
added 2026/01/23 12:0 a.m.29 views

CVE-2025-70983

Incorrect access control in the authRoutes function of SpringBlade v4.5.0 allows attackers with low-level privileges to escalate privileges...

0.00376EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/23 12:0 a.m.4 views

CVE-2025-70983

Incorrect access control in the authRoutes function of SpringBlade v4.5.0 allows attackers with low-level privileges to escalate privileges...

9.9CVSS5.9AI score0.00376EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.7 views

SpringBlade security vulnerabilities

SpringBlade is a microservices development platform developed by China’s Blade Company. The SpringBlade v4.5.0 version contains a security vulnerability. This vulnerability stems from improper access control in the authRoutes function, which could allow low-privilege attackers to gain higher...

9.9CVSS5.8AI score0.00376EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.9 views

PT-2026-4522

Name of the Vulnerable Software and Affected Versions SpringBlade version 4.5.0 Description A flaw exists in the authRoutes function that allows attackers with limited privileges to gain higher-level access. The issue is related to incorrect access control within this function. Recommendations...

9.9CVSS5.3AI score0.00376EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/09 12:30 p.m.8 views

CVE-2023-40787

In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection...

9.8CVSS7.3AI score0.19377EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:29 p.m.8 views

CVE-2023-40788

SpringBlade =V3.6.0 is vulnerable to Incorrect Access Control due to incorrect configuration in the default gateway resulting in unauthorized access to error logs...

5.3CVSS6.7AI score0.00623EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-8131

Malware in sbrugna...

9.8CVSS9.2AI score0.01213EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-31074

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.0068EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.21 views

EUVD-2023-2221

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.19377EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-48890

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00637EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-45339

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00623EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 7:19 a.m.12 views

CVE-2024-8023

A vulnerability classified as critical has been found in chillzhuang SpringBlade 4.1.0. Affected is an unknown function of the file /api/blade-system/menu/list?updatexml. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

9.8CVSS6.8AI score0.00637EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:24 a.m.8 views

CVE-2024-33332

An issue discovered in SpringBlade 3.7.1 allows attackers to obtain sensitive information via crafted GET request to api/blade-system/tenant...

7.5CVSS7.3AI score0.0068EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:0 a.m.7 views

CVE-2023-47458

An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via the lack of permissions control framework...

9.8CVSS7.2AI score0.00637EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:36 p.m.6 views

CVE-2022-27360

SpringBlade v3.2.0 and below was discovered to contain a SQL injection vulnerability via the component customSqlSegment...

9.8CVSS8.3AI score0.0204EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:5 p.m.6 views

CVE-2020-16165

The DAO/DTO implementation in SpringBlade through 2.7.1 allows SQL Injection in an ORDER BY clause. This is related to the /api/blade-log/api/list ascs and desc parameters...

9.8CVSS8.1AI score0.01213EPSS
Exploits1
CVE
CVE
added 2024/08/20 11:31 p.m.81 views

CVE-2024-8023

CVE-2024-8023 describes a critical SQL injection in chillzhuang SpringBlade 4.1.0. The vulnerability affects an unknown function of the endpoint /api/blade-system/menu/list?updatexml, with remote exploitation possible. Public exploitation is noted, and vendor contact occurred without response. Co...

9.8CVSS6.8AI score0.00637EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2024/08/20 11:31 p.m.9 views

CVE-2024-8023 chillzhuang SpringBlade list sql injection

A vulnerability classified as critical has been found in chillzhuang SpringBlade 4.1.0. Affected is an unknown function of the file /api/blade-system/menu/list?updatexml. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

5.3CVSS5.7AI score0.00637EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2024/08/20 11:31 p.m.25 views

CVE-2024-8023 chillzhuang SpringBlade list sql injection

A vulnerability classified as critical has been found in chillzhuang SpringBlade 4.1.0. Affected is an unknown function of the file /api/blade-system/menu/list?updatexml. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

6.5CVSS7.2AI score0.00637EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.6 views

SpringBlade SQL注入漏洞

SpringBlade is a microservices development platform from Blade, a Chinese company. A SQL injection vulnerability exists in SpringBlade version 4.1.0, which originates from /api/blade-system/menu/list?updatexml contains a SQL injection vulnerability...

9.8CVSS7AI score0.00637EPSS
Exploits1References2
Rows per page
Query Builder