Gitee Exploits

260 exploits tracked across all sources.

Sort: Activity Stars
CVE-2025-8752 GITEE HIGH java
Xuanshao Spring-shiro-training - Command Injection
A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
by wangzhixuan
2,385 stars
CVSS 7.3
CVE-2025-8815 GITEE HIGH java
Morning - Path Traversal
A vulnerability was found in 猫宁i Morning up to bc782730c74ff080494f145cc363a0b4f43f7d3e. It has been classified as critical. Affected is an unknown function of the file /index of the component Shiro Configuration. The manipulation leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
by morning-pro
2,312 stars
CVSS 7.3
CVE-2025-8123 GITEE MEDIUM java
Deerwms Deer-wms-2 < 3.3 - Injection
A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been classified as critical. Affected is an unknown function of the file /system/dept/edit. The manipulation of the argument ancestors leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
by deerwms
1,418 stars
CVSS 6.3
CVE-2025-8124 GITEE MEDIUM java
Deerwms Deer-wms-2 < 3.3 - Injection
A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /system/role/authUser/unallocatedList. The manipulation of the argument params[dataScope] leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
by deerwms
1,418 stars
CVSS 6.3
CVE-2025-8125 GITEE MEDIUM java
Deerwms Deer-wms-2 < 3.3 - Injection
A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /system/role/authUser/allocatedList. The manipulation of the argument params[dataScope] leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
by deerwms
1,418 stars
CVSS 6.3
CVE-2025-8126 GITEE MEDIUM java
Deerwms Deer-wms-2 < 3.3 - Injection
A vulnerability classified as critical has been found in deerwms deer-wms-2 up to 3.3. This affects an unknown part of the file /system/user/export. The manipulation of the argument params[dataScope] leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
by deerwms
1,418 stars
CVSS 6.3
CVE-2025-8127 GITEE MEDIUM java
Deerwms Deer-wms-2 < 3.3 - Injection
A vulnerability classified as critical was found in deerwms deer-wms-2 up to 3.3. This vulnerability affects unknown code of the file /system/user/list. The manipulation of the argument params[dataScope] leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
by deerwms
1,418 stars
CVSS 6.3
CVE-2025-8161 GITEE MEDIUM java
Deerwms Deer-wms-2 < 3.3 - Injection
A vulnerability classified as critical was found in deerwms deer-wms-2 up to 3.3. Affected by this vulnerability is an unknown functionality of the file /system/role/export. The manipulation of the argument params[dataScope] leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
by deerwms
1,418 stars
CVSS 6.3
CVE-2025-8162 GITEE MEDIUM java
Deerwms Deer-wms-2 < 3.3 - Injection
A vulnerability, which was classified as critical, has been found in deerwms deer-wms-2 up to 3.3. Affected by this issue is some unknown functionality of the file /system/dept/list. The manipulation of the argument params[dataScope] leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
by deerwms
1,418 stars
CVSS 6.3
CVE-2025-8163 GITEE MEDIUM java
Deerwms Deer-wms-2 < 3.3 - Injection
A vulnerability, which was classified as critical, was found in deerwms deer-wms-2 up to 3.3. This affects an unknown part of the file /system/role/list. The manipulation of the argument params[dataScope] leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
by deerwms
1,418 stars
CVSS 6.3
By Source
All 260 Exploitdb 50,123 Writeup 46,586 Nomisec 21,111 Metasploit 3,189 Github 2,219 Vulncheck_xdb 900 Inthewild 518 Gitlab 438 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,725 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 256 c++ 245 shell 67 go 41 postscript 25 xml 24