EUVD-2022-33030

Malicious code in bioql PyPI...

EUVD-2022-33432

Malicious code in bioql PyPI...

CVE-2022-28588

In SpringBootMovie =1.2 when adding movie names, malicious code can be stored because there are no filtering parameters, resulting in stored XSS...

SpringBootMovie Cross-Site Scripting Vulnerability

SpringBootMovie, a Spring Boot-based movie website, is vulnerable to a cross-site scripting vulnerability in SpringBootMovie version 1.2 and earlier, which stems from a failure to filter parameters when adding movie names. An attacker could exploit this vulnerability to execute JavaScript code on...

CVE-2022-29001

In SpringBootMovie =1.2, the uploaded file suffix parameter is not filtered, resulting in arbitrary file upload vulnerability...

CVE-2022-29001

In SpringBootMovie =1.2, the uploaded file suffix parameter is not filtered, resulting in arbitrary file upload vulnerability...

CVE-2022-29001

In SpringBootMovie =1.2, the uploaded file suffix parameter is not filtered, resulting in arbitrary file upload vulnerability...

CVE-2022-28588

In SpringBootMovie =1.2 when adding movie names, malicious code can be stored because there are no filtering parameters, resulting in stored XSS...

CVE-2022-28588

In SpringBootMovie =1.2 when adding movie names, malicious code can be stored because there are no filtering parameters, resulting in stored XSS...

Cross site scripting

In SpringBootMovie =1.2 when adding movie names, malicious code can be stored because there are no filtering parameters, resulting in stored XSS...

Privilege escalation

In SpringBootMovie =1.2, the uploaded file suffix parameter is not filtered, resulting in arbitrary file upload vulnerability...

CVE-2022-29001

In SpringBootMovie =1.2, the uploaded file suffix parameter is not filtered, resulting in arbitrary file upload vulnerability...

CVE-2022-29001

The CVE-2022-29001 entry affects SpringBootMovie

CVE-2022-28588

In SpringBootMovie =1.2 when adding movie names, malicious code can be stored because there are no filtering parameters, resulting in stored XSS...

CVE-2022-28588

CVE-2022-28588 affects SpringBootMovie up to version 1.2, where adding movie names allows stored XSS due to missing input filtering. The issue stems from failure to filter parameters when accepting movie names, enabling injection of malicious code stored in the app. Documented impact: client-side...

SpringBootMovie 代码问题漏洞

SpringBootMovie is a Spring Boot based movie website. A security vulnerability exists in SpringBootMovie version 1.2 and earlier versions, which stems from an unfiltered upload file suffix parameter, resulting in an arbitrary file upload vulnerability...