
64 matches found

CNNVD
added 2025/07/18 12:0 a.m. · 6 views

Thinkgem JeeSite security vulnerability

Thinkgem JeeSite is an open source Java EE enterprise-class rapid development platform of China Zhuo Yuan Thinkgem company. The platform includes system permissions components, data permissions components, data dictionary components, core tools components, view manipulation components,...

CVSS 5.3 · AI score 4.9 · EPSS 0.00403
Exploits: 1 · References: 8

NVD
added 2025/07/17 11:15 p.m. · 4 views

CVE-2025-7763

A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is the function select of the file src/main/java/com/jeesite/modules/cms/web/SiteController.java of the component Site Controller. The manipulation of the argument redirect leads to open...

CVSS 5.3 · EPSS 0.00397
Exploits: 1 · References: 6

OSV
added 2025/07/17 10:15 p.m. · 4 views

CVE-2025-7759

A vulnerability was identified in thinkgem JeeSite up to 5.12.0. This vulnerability affects unknown code of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java of the component UEditor Image Grabber. Such manipulation of the argument Source leads to server-side request...

CVSS 8.8 · AI score 6.3
Exploits: 0 · References: 6

Vulnrichment
added 2025/07/17 10:14 p.m. · 4 views

CVE-2025-7763 thinkgem JeeSite Site Controller/SSO redirect

A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is an unknown function of the component Site Controller/SSO. The manipulation leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the publ...

CVSS 5.3 · AI score 4.7 · EPSS 0.00397
Exploits: 1 · References: 8

CVE
added 2025/07/17 10:14 p.m. · 19 views

CVE-2025-7763

CVE-2025-7763 affects thinkgem JeeSite up to version 5.12.0. The vulnerability lies in the Site Controller’s SiteController.java, where manipulation of the redirect argument in the select function causes an open redirect. Exploitation can be performed remotely, and public disclosure of the exploi...

CVSS 5.3 · AI score 4.7 · EPSS 0.00397
Exploits: 1 · References: 6 · Affected Software: 1

Cvelist
added 2025/07/17 10:14 p.m. · 11 views

CVE-2025-7763 thinkgem JeeSite Site Controller SiteController.java select redirect

A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is the function select of the file src/main/java/com/jeesite/modules/cms/web/SiteController.java of the component Site Controller. The manipulation of the argument redirect leads to open...

CVSS 5.3 · EPSS 0.00397
Exploits: 1 · References: 6

Cvelist
added 2025/07/17 9:32 p.m. · 22 views

CVE-2025-7759 thinkgem JeeSite UEditor Image Grabber ActionEnter.java server-side request forgery

A vulnerability was identified in thinkgem JeeSite up to 5.12.0. This vulnerability affects unknown code of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java of the component UEditor Image Grabber. Such manipulation of the argument Source leads to server-side request...

CVSS 6.5 · EPSS 0.00309
Exploits: 1 · References: 6

Vulnrichment
added 2025/07/17 9:32 p.m. · 10 views

CVE-2025-7759 thinkgem JeeSite UEditor Image Grabber ActionEnter.java server-side request forgery

A vulnerability was identified in thinkgem JeeSite up to 5.12.0. This vulnerability affects unknown code of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java of the component UEditor Image Grabber. Such manipulation of the argument Source leads to server-side request...

CVSS 6.5 · AI score 6.3 · EPSS 0.00309
Exploits: 1 · References: 6

Positive Technologies
added 2025/07/17 12:0 a.m. · 3 views

PT-2025-29981

Name of the Vulnerable Software and Affected Versions: thinkgem JeeSite versions up to 5.12.0 Description: A problematic vulnerability exists in thinkgem JeeSite. The select function within the src/main/java/com/jeesite/modules/cms/web/SiteController.java file of the Site Controller component is...

CVSS 5.3 · AI score 4 · EPSS 0.00397
Exploits: 1 · References: 19

CNNVD
added 2025/07/17 12:0 a.m. · 3 views

Thinkgem JeeSite input validation error vulnerability

Thinkgem JeeSite is an open source Java EE enterprise-class rapid development platform of China Zhuo Yuan Thinkgem company. The platform includes system permissions components, data permissions components, data dictionary components, core tools components, view manipulation components,...

CVSS 5.3 · AI score 4.9 · EPSS 0.00397
Exploits: 1 · References: 8

CNNVD
added 2025/07/17 12:0 a.m. · 4 views

Thinkgem JeeSite code issue vulnerability

Thinkgem JeeSite is an open source Java EE enterprise-class rapid development platform of China Joyuan Thinkgem company. The platform includes system permissions components, data permissions components, data dictionary components, core tools components, view manipulation components, workflo...

CVSS 8.8 · AI score 6.5 · EPSS 0.00309
Exploits: 1 · References: 7

Positive Technologies
added 2025/07/17 12:0 a.m. · 4 views

PT-2025-29978

Name of the Vulnerable Software and Affected Versions: thinkgem JeeSite versions up to 5.12.0 Description: A critical vulnerability exists in thinkgem JeeSite. The issue is located in an unknown part of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java within the UEdit...

CVSS 8.8 · AI score 6.3 · EPSS 0.00309
Exploits: 1 · References: 15

RedhatCVE
added 2025/05/28 1:46 p.m. · 14 views

CVE-2025-5186

A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request...

CVSS 6.5 · AI score 6.9 · EPSS 0.00387
Exploits: 1 · References: 1

NVD
added 2025/05/26 1:15 p.m. · 13 views

CVE-2025-5186

A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request...

CVSS 8.8 · EPSS 0.00387
Exploits: 1 · References: 4

Vulnrichment
added 2025/05/26 1:0 p.m. · 9 views

CVE-2025-5186 thinkgem JeeSite URI Scheme form ResourceLoader.getResource server-side request forgery

A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request...

CVSS 6.5 · AI score 6.4 · EPSS 0.00387
Exploits: 1 · References: 4

Cvelist
added 2025/05/26 1:0 p.m. · 11 views

CVE-2025-5186 thinkgem JeeSite URI Scheme form ResourceLoader.getResource server-side request forgery

A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request...

CVSS 6.5 · EPSS 0.00387
Exploits: 1 · References: 4

CVE
added 2025/05/26 1:0 p.m. · 52 views

CVE-2025-5186

CVE-2025-5186 affects thinkgem JeeSite up to 5.11.1. The vulnerability concerns ResourceLoader.getResource in the URI Scheme Handler, specifically the /cms/fileTemplate/form component, where manipulating the Name parameter leads to server-side request forgery (SSRF). The issue can be exploited re...

CVSS 8.8 · AI score 6.5 · EPSS 0.00387
Exploits: 1 · References: 4 · Affected Software: 1

CNNVD
added 2025/05/26 12:0 a.m. · 3 views

Thinkgem JeeSite code issue vulnerability

Thinkgem JeeSite is an open source Java EE enterprise-class rapid development platform of China Joyuan Thinkgem company. The platform includes system permissions components, data permissions components, data dictionary components, core tools components, view manipulation components, workflo...

CVSS 8.8 · AI score 6.4 · EPSS 0.00387
Exploits: 1 · References: 4

Positive Technologies
added 2025/05/26 12:0 a.m. · 5 views

PT-2025-22928 · Thinkgem · Thinkgem Jeesite

Name of the Vulnerable Software and Affected Versions: thinkgem JeeSite versions up to 5.11.1 Description: A critical issue affects the function ResourceLoader.getResource of the file /cms/fileTemplate/form in the component URI Scheme Handler. The manipulation of the argument Name leads to...

CVSS 6.5 · AI score 6.2 · EPSS 0.00387
Exploits: 1 · References: 6

NVD
added 2024/08/23 3:15 p.m. · 18 views

CVE-2024-8112

A vulnerability was found in thinkgem JeeSite 5.3. It has been rated as problematic. This issue affects some unknown processing of the file /js/a/login of the component Cookie Handler. The manipulation of the argument skinName leads to cross site scripting. The attack may be initiated remotely. T...

CVSS 6.9 · EPSS 0.00451
Exploits: 1 · References: 3