5 matches found
EUVD-2025-26359
Malicious code in bioql PyPI...
CVE-2025-9795
A vulnerability has been found in xujeff tianti 天梯 up to 2.3. The impacted element is the function ajaxUploadFile of the file src/main/java/com/jeff/tianti/controller/UploadController.java. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the attack...
CVE-2025-9795 xujeff tianti 天梯 UploadController.java ajaxUploadFile unrestricted upload
A vulnerability has been found in xujeff tianti 天梯 up to 2.3. The impacted element is the function ajaxUploadFile of the file src/main/java/com/jeff/tianti/controller/UploadController.java. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the attack...
CVE-2025-8807 xujeff tianti 天梯 save authorization
A vulnerability was found in xujeff tianti 天梯 up to 2.3. It has been declared as critical. This vulnerability affects unknown code of the file /tianti-module-admin/user/ajax/save. The manipulation leads to missing authorization. The attack can be initiated remotely. The exploit has been disclosed...
PT-2025-32481 · Unknown · Xujeff Tianti 天梯
Name of the Vulnerable Software and Affected Versions: xujeff tianti 天梯 versions prior to 2.3 Description: A critical issue exists in xujeff tianti 天梯, potentially leading to missing authorization. The vulnerability affects unknown code within the /tianti-module-admin/user/ajax/save API endpoint...