Lucene search
+L

7 matches found

vulnrichment
vulnrichment
added 2026/02/25 3:32 p.m.3 views

CVE-2026-3188 feiyuchuixue sz-boot-parent API templates path traversal

A security flaw has been discovered in feiyuchuixue sz-boot-parent up to 1.3.2-beta. This affects an unknown part of the file /api/admin/common/download/templates of the component API. Performing a manipulation of the argument templateName results in path traversal. Remote exploitation of the...

5.3CVSS5.5AI score0.00325EPSS
Exploits0References7
nvd
nvd
added 2026/02/25 2:16 p.m.19 views

CVE-2026-3186

A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is an unknown functionality of the file /api/admin/sys-user/reset/password/ of the component Password Reset Handler. This manipulation of the argument userId causes use of default...

6.5CVSS0.00222EPSS
Exploits1References7
osv
osv
added 2026/02/25 1:32 p.m.8 views

CVE-2026-3185 feiyuchuixue sz-boot-parent API Endpoint sys-message authorization

A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected is an unknown function of the file /api/admin/sys-message/ of the component API Endpoint. The manipulation of the argument messageId results in authorization bypass. The attack can be launched remotely. The exploi...

6.9CVSS5.7AI score0.0044EPSS
Exploits1References9
cnnvd
cnnvd
added 2026/02/25 12:0 a.m.11 views

Sz-Admin 代码问题漏洞

Sz-Admin is a mid-backend management software developed by INS6+ individual developers. Versions of Sz-Admin such as 1.3.2-beta and earlier contained code vulnerabilities. These vulnerabilities stemmed from incorrect handling of parameters in the files/download file and API, particularly the url...

3.1CVSS5.9AI score0.00212EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/02/25 12:0 a.m.13 views

PT-2026-21912

A vulnerability was identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this issue is some unknown functionality of the file /api/admin/sys-file/upload of the component API Endpoint. Such manipulation leads to unrestricted upload. The attack may be launched remotely. The explo...

6.5CVSS5AI score0.00307EPSS
Exploits1References8
ptsecurity
ptsecurity
added 2026/02/25 12:0 a.m.20 views

PT-2026-21907

A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected is an unknown function of the file /api/admin/sys-message/ of the component API Endpoint. The manipulation of the argument messageId results in authorization bypass. The attack can be launched remotely. The exploi...

6.9CVSS5.1AI score0.0044EPSS
Exploits1References8
securityvulns
securityvulns
added 2006/10/30 12:0 a.m.48 views

MHL-2006-003 Public Advisory: "ezOnlineGallery" Multiple Security Issues

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MHL-2006-003 - Public Advisory +-----------------------------------------------------------+ | ezOnlineGallery Multiple Security Issues | +-----------------------------------------------------------+ PUBLISHED ON October 26th, 2006 PUBLISHED AT...

0.4AI score
Exploits0
Rows per page
Query Builder