CVE-2025-8841

A vulnerability was identified in zlt2000 microservices-platform up to 6.0.0. Affected by this vulnerability is the function Upload of the file zlt-business/file-center/src/main/java/com/central/file/controller/FileController.java. The manipulation leads to unrestricted upload. The attack can be...

CVE-2025-8841

A vulnerability was identified in zlt2000 microservices-platform up to 6.0.0. Affected by this vulnerability is the function Upload of the file zlt-business/file-center/src/main/java/com/central/file/controller/FileController.java. The manipulation leads to unrestricted upload. The attack can be...

CVE-2025-8841

A vulnerability was identified in zlt2000 microservices-platform up to 6.0.0. Affected by this vulnerability is the function Upload of the file zlt-business/file-center/src/main/java/com/central/file/controller/FileController.java. The manipulation leads to unrestricted upload. The attack can be...

CVE-2025-8841 zlt2000 microservices-platform FileController.java upload unrestricted upload

A vulnerability was identified in zlt2000 microservices-platform up to 6.0.0. Affected by this vulnerability is the function Upload of the file zlt-business/file-center/src/main/java/com/central/file/controller/FileController.java. The manipulation leads to unrestricted upload. The attack can be...

CVE-2025-8841

CVE-2025-8841 affects zlt2000 microservices-platform up to version 6.0.0. The vulnerability resides in the Upload function of zlt-business/file-center/src/main/java/com/central/file/controller/FileController.java and enables unrestricted file uploads. Attack can be launched remotely, and public d...

CVE-2025-8737

A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform up to 6.0.0. This affects the function onLogoutSuccess of the file src/main/java/com/central/oauth/handler/OauthLogoutSuccessHandler.java. The manipulation of the argument redirecturl leads to open...

CVE-2025-8737

A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform up to 6.0.0. This affects the function onLogoutSuccess of the file src/main/java/com/central/oauth/handler/OauthLogoutSuccessHandler.java. The manipulation of the argument redirecturl leads to open...

CVE-2025-8738 zlt2000 microservices-platform Spring Actuator Interface actuator information disclosure

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated...

CVE-2025-8738

CVE-2025-8738 affects zlt2000 microservices-platform

CVE-2025-8737

The CVE-2025-8737 entry concerns zlt2000 microservices-platform (up to 6.0.0). A vulnerability exists in the onLogoutSuccess function (OauthLogoutSuccessHandler.java) where manipulating the redirect_url argument causes an open redirect. Exploitation can be performed remotely, and public disclosur...

PT-2025-32408 · Unknown · Zlt2000 Microservices-Platform

Name of the Vulnerable Software and Affected Versions: zlt2000 microservices-platform versions through 6.0.0 Description: A problematic issue exists in zlt2000 microservices-platform. The issue is related to an open redirect vulnerability within the onLogoutSuccess function located in the file...