22 matches found
CVE-2025-11320
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...
CVE-2025-11321
A vulnerability was detected in zhuimengshaonian wisdom-education up to 1.0.4. The affected element is an unknown function of the file src/main/java/com/education/api/controller/student/WrongBookController.java. Performing manipulation of the argument subjectId results in authorization bypass. Th...
CVE-2025-11321
A vulnerability was detected in zhuimengshaonian wisdom-education up to 1.0.4. The affected element is an unknown function of the file src/main/java/com/education/api/controller/student/WrongBookController.java. Performing manipulation of the argument subjectId results in authorization bypass. Th...
CVE-2025-11320
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...
CVE-2025-11321 zhuimengshaonian wisdom-education WrongBookController.java authorization
A vulnerability was detected in zhuimengshaonian wisdom-education up to 1.0.4. The affected element is an unknown function of the file src/main/java/com/education/api/controller/student/WrongBookController.java. Performing manipulation of the argument subjectId results in authorization bypass. Th...
CVE-2025-11321 zhuimengshaonian wisdom-education WrongBookController.java authorization
A vulnerability was detected in zhuimengshaonian wisdom-education up to 1.0.4. The affected element is an unknown function of the file src/main/java/com/education/api/controller/student/WrongBookController.java. Performing manipulation of the argument subjectId results in authorization bypass. Th...
CVE-2025-11321
CVE-2025-11321 affects zhuimengshaonian wisdom-education up to version 1.0.4. The vulnerability resides in an unknown function in src/main/java/com/education/api/controller/student/WrongBookController.java, where manipulating the subjectId argument leads to an authorization bypass. It is exploita...
EUVD-2025-32485
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...
CVE-2025-11320 zhuimengshaonian wisdom-education UploadController.java uploadFile unrestricted upload
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...
CVE-2025-11320 zhuimengshaonian wisdom-education UploadController.java uploadFile unrestricted upload
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...
CVE-2025-11320
CVE-2025-11320 affects zhuimengshaonian wisdom-education up to 1.0.4. The vulnerability lies in the uploadFile function in src/main/java/com/education/core/controller/UploadController.java, where improper handling/manipulation of the File argument enables unrestricted file upload. Remote exploita...
PT-2025-40849
Name of the Vulnerable Software and Affected Versions zhuimengshaonian wisdom-education versions up to 1.0.4 Description A flaw exists in zhuimengshaonian wisdom-education that allows for authorization bypass. This occurs through manipulation of the subjectId argument within an unknown function...
wisdom-education 安全漏洞
wisdom-education is a cloud intelligence education platform by zhuimengshaonian individual developer. A security vulnerability exists in wisdom-education 1.0.4 and earlier versions, which originates from the incorrect operation of subjectId in the file...
wisdom-education 代码问题漏洞
wisdom-education is a cloud intelligence education platform by zhuimengshaonian individual developer. A code issue vulnerability exists in wisdom-education 1.0.4 and earlier versions, which stems from the incorrect manipulation of the parameter File in the file...
PT-2025-40848
Name of the Vulnerable Software and Affected Versions zhuimengshaonian wisdom-education versions prior to 1.0.5 Description A security issue exists in zhuimengshaonian wisdom-education. The uploadFile function within the file src/main/java/com/education/core/controller/UploadController.java is...
EUVD-2025-31441
Malicious code in bioql PyPI...
CVE-2025-11080
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. This vulnerability affects the function selectStudentExamInfoList of the file src/main/java/com/education/api/controller/student/ExamInfoController.java. Such manipulation of the argument subjectId leads ...
CVE-2025-11080
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. This vulnerability affects the function selectStudentExamInfoList of the file src/main/java/com/education/api/controller/student/ExamInfoController.java. Such manipulation of the argument subjectId leads ...
CVE-2025-11080 zhuimengshaonian wisdom-education ExamInfoController.java selectStudentExamInfoList improper authorization
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. This vulnerability affects the function selectStudentExamInfoList of the file src/main/java/com/education/api/controller/student/ExamInfoController.java. Such manipulation of the argument subjectId leads ...
CVE-2025-11080 zhuimengshaonian wisdom-education ExamInfoController.java selectStudentExamInfoList improper authorization
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. This vulnerability affects the function selectStudentExamInfoList of the file src/main/java/com/education/api/controller/student/ExamInfoController.java. Such manipulation of the argument subjectId leads ...