Gin-vue-admin Security Vulnerabilities and Issues — Gin-vue-admin CVE List

Lucene search

Gin-vue-admin ProjectGin-vue-admin

5 matches found

CVE•added 2022/10/25 5:15 p.m.•50 views

CVE-2022-39345

Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin prior to 2.5.4 is vulnerable to path traversal, which leads to file upload vulnerabilities. Version 2.5.4 contains a patch for this issue. There are no workaround...

9.8CVSS8.8AI score0.00211EPSS

CVE•added 2022/10/24 2:15 p.m.•49 views

CVE-2022-39305

Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Versions prior to 2.5.4 contain a file upload ability. The affected code fails to validate fileMd5 and fileName parameters, resulting in an arbitrary file being read. This issu...

9.8CVSS9.5AI score0.001EPSS

CVE•added 2022/10/17 7:15 p.m.•42 views

CVE-2022-32176

In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3b are vulnerable to Unrestricted File Upload that leads to execution of javascript code, through the "Compress Upload" functionality to the Media Library. When an admin user views the uploaded file, a low privilege attacker will get access to the ad...

9CVSS9.2AI score0.00103EPSS

CVE•added 2021/11/24 11:15 p.m.•40 views

CVE-2021-44219

Gin-Vue-Admin before 2.4.6 mishandles a SQL database.

9.8CVSS9.6AI score0.00363EPSS

CVE•added 2022/10/14 7:15 a.m.•40 views

CVE-2022-32177

In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3beta are vulnerable to Unrestricted File Upload that leads to execution of javascript code, through the 'Normal Upload' functionality to the Media Library. When an admin user views the uploaded file, a low privilege attacker will get access to the a...

9CVSS9.2AI score0.00182EPSS