fushuling

4 exploits Active since Aug 2024
CVE-2024-50645 GITEE CRITICAL WRITEUP
MallChat v1.0-SNAPSHOT - Auth Bypass
MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without any token.
1 stars
CVSS 9.8
CVE-2024-50644 GITEE CRITICAL WRITEUP
zhisheng17 blog 3.0.1-SNAPSHOT - Auth Bypass
zhisheng17 blog 3.0.1-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without any token.
1 stars
CVSS 9.8
CVE-2024-42599 GITEE HIGH WRITEUP
SeaCMS 13.0 - Authenticated Remote Code Execution via admin_files.php
SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_files.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges.
1 stars
CVSS 8.8
CVE-2024-42598 GITEE MEDIUM WRITEUP
SeaCMS 13.0 - Authenticated Remote Code Execution via admin_editplayer.php
SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_editplayer.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges.
1 stars
CVSS 6.7