5 matches found
CVE-2025-11320
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...
CVE-2025-11321
CVE-2025-11321 affects zhuimengshaonian wisdom-education up to version 1.0.4. The vulnerability resides in an unknown function in src/main/java/com/education/api/controller/student/WrongBookController.java, where manipulating the subjectId argument leads to an authorization bypass. It is exploita...
EUVD-2025-32485
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...
PT-2025-40849
Name of the Vulnerable Software and Affected Versions zhuimengshaonian wisdom-education versions up to 1.0.4 Description A flaw exists in zhuimengshaonian wisdom-education that allows for authorization bypass. This occurs through manipulation of the subjectId argument within an unknown function...
PT-2025-40848
Name of the Vulnerable Software and Affected Versions zhuimengshaonian wisdom-education versions prior to 1.0.5 Description A security issue exists in zhuimengshaonian wisdom-education. The uploadFile function within the file src/main/java/com/education/core/controller/UploadController.java is...