dongodid

1 exploit Active since Oct 2025
CVE-2025-12305 WRITEUP MEDIUM WRITEUP
shiyi-blog < 1.2.1 - Remote Code Execution via Deserialization in Job Handler
A vulnerability was found in quequnlong shiyi-blog up to 1.2.1. This impacts an unknown function of the file src/main/java/com/mojian/controller/SysJobController.java of the component Job Handler. The manipulation results in deserialization. The attack can be executed remotely. The exploit has been made public and could be used.
CVSS 6.3