25 matches found
EUVD-2025-6454
Malicious code in bioql PyPI...
EUVD-2025-6457
Malicious code in bioql PyPI...
EUVD-2025-10411
Malicious code in bioql PyPI...
CVE-2025-3398
A vulnerability classified as critical was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function configure of the file blogserver/src/main/java/org/sang/config/WebSecurityConfig.java. The manipulation leads to improper access controls. The attack can be launched remotel...
CVE-2025-3398
A vulnerability classified as critical was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function configure of the file blogserver/src/main/java/org/sang/config/WebSecurityConfig.java. The manipulation leads to improper access controls. The attack can be launched remotel...
CVE-2025-3398
CVE-2025-3398 affects lenve VBlog up to 1.0.0. The vulnerability resides in the configure function of WebSecurityConfig.java, enabling improper access controls and permitting remote attacks. Multiple sources (Red Hat, NVD/CVE entry, CVE list) describe the issue as critical with remote exploitatio...
CVE-2025-3398 lenve VBlog WebSecurityConfig.java configure access control
A vulnerability classified as critical was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function configure of the file blogserver/src/main/java/org/sang/config/WebSecurityConfig.java. The manipulation leads to improper access controls. The attack can be launched remotel...
CVE-2025-3398 lenve VBlog WebSecurityConfig.java configure access control
A vulnerability classified as critical was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function configure of the file blogserver/src/main/java/org/sang/config/WebSecurityConfig.java. The manipulation leads to improper access controls. The attack can be launched remotel...
VBlog 安全漏洞
VBlog is a multi-user blog management platform for lenve individual developers. A security vulnerability exists in VBlog 1.0.0 and earlier versions, which stems from improper access control in WebSecurityConfig.java, which could lead to elevated privileges...
PT-2025-15315 · Unknown · Lenve Vblog
Name of the Vulnerable Software and Affected Versions: Lenve VBlog versions up to 1.0.0 Description: A critical issue was found, affecting the configure function of the WebSecurityConfig.java file. This leads to improper access controls, allowing remote attacks. The issue has been publicly...
CVE-2025-2363
A vulnerability classified as critical has been found in lenve VBlog up to 1.0.0. Affected is the function uploadImg of the file blogserver/src/main/java/org/sang/controller/ArticleController.java. The manipulation of the argument filename leads to path traversal. It is possible to launch the...
CVE-2025-2364
A vulnerability classified as problematic was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function addNewArticle of the file blogserver/src/main/java/org/sang/service/ArticleService.java. The manipulation of the argument mdContent/htmlContent leads to cross site...
CVE-2025-2363
A vulnerability classified as critical has been found in lenve VBlog up to 1.0.0. Affected is the function uploadImg of the file blogserver/src/main/java/org/sang/controller/ArticleController.java. The manipulation of the argument filename leads to path traversal. It is possible to launch the...
CVE-2025-2364
A vulnerability classified as problematic was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function addNewArticle of the file blogserver/src/main/java/org/sang/service/ArticleService.java. The manipulation of the argument mdContent/htmlContent leads to cross site...
CVE-2025-2364 lenve VBlog ArticleService.java addNewArticle cross site scripting
A vulnerability classified as problematic was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function addNewArticle of the file blogserver/src/main/java/org/sang/service/ArticleService.java. The manipulation of the argument mdContent/htmlContent leads to cross site...
CVE-2025-2364 lenve VBlog ArticleService.java addNewArticle cross site scripting
A vulnerability classified as problematic was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function addNewArticle of the file blogserver/src/main/java/org/sang/service/ArticleService.java. The manipulation of the argument mdContent/htmlContent leads to cross site...
CVE-2025-2364
Vulnerability context: lenve VBlog up to version 1.0.0 contains a Cross-Site Scripting (XSS) flaw in addNewArticle (blogserver/src/main/java/org/sang/service/ArticleService.java). The issue arises from manipulating the arguments mdContent/htmlContent, enabling remote exploitation. Public exploit ...
CVE-2025-2363 lenve VBlog ArticleController.java uploadImg path traversal
A vulnerability classified as critical has been found in lenve VBlog up to 1.0.0. Affected is the function uploadImg of the file blogserver/src/main/java/org/sang/controller/ArticleController.java. The manipulation of the argument filename leads to path traversal. It is possible to launch the...
CVE-2025-2363
The CVE-2025-2363 entry concerns lenve VBlog up to 1.0.0. Affected is the function uploadImg in blogserver/src/main/java/org/sang/controller/ArticleController.java. The filename argument manipulation leads to path traversal, enabling a remote attack. Public exploit disclosure is noted, and the ve...
CVE-2025-2363 lenve VBlog ArticleController.java uploadImg path traversal
A vulnerability classified as critical has been found in lenve VBlog up to 1.0.0. Affected is the function uploadImg of the file blogserver/src/main/java/org/sang/controller/ArticleController.java. The manipulation of the argument filename leads to path traversal. It is possible to launch the...