Malicious code in springboot-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 767553d0189c47e072ca2eccece5b848745a1f6faaf34987293d9232d32f48fa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4889 Malicious code in springboot-md (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a8c54ec931e96de6b2788e07cecb1d64ae325d3df32749035073a24f1a762c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in springboot-md (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a8c54ec931e96de6b2788e07cecb1d64ae325d3df32749035073a24f1a762c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4888 Malicious code in springboot-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 767553d0189c47e072ca2eccece5b848745a1f6faaf34987293d9232d32f48fa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

WebStack-Guns 安全漏洞

WebStack-Guns is an open source URL navigation website project by Dana Keeling, an individual developer, with a backend based on Guns and Springboot. A security vulnerability exists in WebStack-Guns version 1.0, which stems from vulnerability to cross-site request forgery attacks...

shiyi-blog 安全漏洞

shiyi-blog is a vue+springboot front-end and back-end separated blog system by bule individual developer. A security vulnerability exists in shiyi-blog 1.2.1 and earlier versions, which stems from an improper authorization issue...

shiyi-blog 安全漏洞

shiyi-blog is a vue+springboot front-end and back-end separated blog system by bule individual developer. A security vulnerability exists in shiyi-blog 1.2.1 and earlier versions, which stems from path traversal due to incorrect operation of the file/source parameter...

📄 Java-springboot-codebase 1.1 Arbitrary File Read

Java-sprintboot-codebase version 1.1 suffers from an arbitrary file read vulnerability. Exploit Title: Java-springboot-codebase 1.1 - Arbitrary File Read Google Dork: Date: 23/May/2025 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link:...

Java-springboot-codebase 1.1 - Arbitrary File Read

Exploit Title: Java-springboot-codebase 1.1 - Arbitrary File Read Google Dork: Date: 23/May/2025 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link: https://github.com/OsamaTaher/Java-springboot-codebase Version: app version 1.1 Tested on:...

CVE-2024-24061

springboot-manager v1.6 is vulnerable to Cross Site Scripting XSS via /sysContent/add...

CVE-2024-24062

springboot-manager v1.6 is vulnerable to Cross Site Scripting XSS via /sys/role...

CVE-2024-24059

springboot-manager v1.6 is vulnerable to Arbitrary File Upload. The system does not filter the suffixes of uploaded files...

CVE-2024-24060

springboot-manager v1.6 is vulnerable to Cross Site Scripting XSS via /sys/user...

CVE-2024-13201

A vulnerability has been found in wander-chu SpringBoot-Blog 1.0 and classified as critical. This vulnerability affects the function upload of the file src/main/java/com/my/blog/website/controller/admin/AttachtController.java of the component Admin Attachment Handler. The manipulation of the...

CVE-2024-13202

A vulnerability was found in wander-chu SpringBoot-Blog 1.0 and classified as problematic. This issue affects the function modifiyArticle of the file src/main/java/com/my/blog/website/controller/admin/PageController.java of the component Blog Article Handler. The manipulation of the argument...

CVE-2025-45618

Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis-springboot v0.0.1.RELEASE allows attackers to access sensitive information via a crafted payload...

CVE-2025-45618

Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis-springboot v0.0.1.RELEASE allows attackers to access sensitive information via a crafted payload...

CVE-2025-45618

Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis-springboot v0.0.1.RELEASE allows attackers to access sensitive information via a crafted payload...

CVE-2025-45618

CVE-2025-45618 affects jeeweb-mybatis-springboot v0.0.1.RELEASE, with an incorrect access control issue in the component /admin/sys/datasource/ajaxList. The vulnerability allows an attacker to access sensitive information via a crafted payload. The public documentation consistently states imprope...

jeeweb-mybatis-springboot 安全漏洞

jeeweb-mybatis-springboot is a Java web distributed development system by huangjian888 individual developer. A security vulnerability exists in jeeweb-mybatis-springboot v0.0.1, which stems from improper access control of the component /admin/sys/datasource/ajaxList, which could result in access ...