Java Exploits
370 exploits tracked across all sources.
TeaCMS 2.3.3 - Privilege Escalation
An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3 allows attackers to escalate privileges via the id and keywords parameter(s).
by xiaobingby
FS-Blog - Cross-Site Scripting in Title Handler
A vulnerability was found in zbl1996 FS-Blog and classified as problematic. This issue affects some unknown processing of the component Title Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-215267.
by zbl1996
bboss-persistent <6.0.9 - Code Injection
bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. This vulnerability is exploited via passing an unchecked argument.
by bbossgroups
anji-plus AJ-Report 0.9.8.6 - Authentication Bypass via JWT Token Spoofing
anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing JWT Tokens.
by Raod
Taisan Tarzan-cms 1.0.0 - Unrestricted Upload
A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This affects the function UploadResponse of the file src/main/java/com/tarzan/cms/modules/admin/controller/common/UploadController.java of the component Article Management. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
by taisan
pallidlight online-course-selection-system - Cross-Site Scripting
A vulnerability was found in pallidlight online-course-selection-system. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-215268.
by pallidlight
Jspxcms v9.0.0 - Server-Side Request Forgery
Jspxcms v9.0.0 allows SSRF.
by jspxcms
Jspxcms 10.2.0 - Remote Code Execution via Freemarker Template Utility
A vulnerability in ${"freemarker.template.utility.Execute"?new() of UJCMS Jspxcms v10.2.0 allows attackers to execute arbitrary commands via uploading malicious files.
by jspxcms
Jspxcms v10.2.0 - Server-Side Request Forgery via /cmscp/ext/collect/fetch_url.do URL Parameter
Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery (SSRF) via /cmscp/ext/collect/fetch_url.do?url=.
by jspxcms
Jspxcms v10.2.0 - Cross-Site Scripting via choose_style_tree.do Interface
There is a Cross Site Scripting (XSS) vulnerability in the choose_style_tree.do interface of Jspxcms v10.2.0 backend.
by jspxcms
OneBlog 2.3.4 - Stored Cross-Site Scripting via Category List Parameter
A stored cross-site scripting (XSS) vulnerability in OneBlog v2.3.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category List parameter under the Lab module.
by yadong.zhang
OneBlog v2.3.4 - Stored Cross-Site Scripting via Links Component
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component {{rootpath}}/links.
by yadong.zhang
OneBlog v2.3.4 - Stored Cross-Site Scripting via Notice Manage Module
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Notice Manage module.
by yadong.zhang
OneBlog 2.3.4 - Stored Cross-Site Scripting in Privilege Management Module
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Privilege Management module.
by yadong.zhang
OneBlog 2.3.4 - Stored Cross-Site Scripting in Role Management Module
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Role Management module.
by yadong.zhang
OneBlog v2.3.4 - Stored Cross-Site Scripting via User Management Module
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the User Management module.
by yadong.zhang
PublicCMS < 4.0.202302.e - Server-Side Request Forgery via /admin/ueditor?action=catchimage
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/ueditor?action=catchimage.
by sanluan
PublicCMS < 4.0.202302.e - Server-Side Request Forgery via Maintenance SysTask Edit
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/#maintenance_sysTask/edit.
by sanluan
PublicCMS < 4.0.202302.e - Arbitrary File Upload via /admin/cmsWebFile/doUpload
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
by sanluan
lakernote easyadmin < 2024-03-15 - Path Traversal via /ureport/designer/saveReportFile
A vulnerability classified as critical has been found in lakernote EasyAdmin up to 20240315. This affects an unknown part of the file /ureport/designer/saveReportFile. The manipulation of the argument file leads to path traversal: '../filedir'. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257715.
by lakernote
lakernote easyadmin < 2024-03-15 - XML External Entity Injection via /ureport/designer/saveReportFile
A vulnerability classified as problematic was found in lakernote EasyAdmin up to 20240315. This vulnerability affects unknown code of the file /ureport/designer/saveReportFile. The manipulation leads to xml external entity reference. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257716.
by lakernote
lakernote easyadmin < 2024-03-15 - Server-Side Request Forgery via /ureport/designer/saveReportFile
A vulnerability, which was classified as critical, has been found in lakernote EasyAdmin up to 20240315. This issue affects some unknown processing of the file /ureport/designer/saveReportFile. The manipulation leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257717 was assigned to this vulnerability.
by lakernote
lakernote EasyAdmin < 2024-03-15 - Server-Side Request Forgery via Thumbnail URL Parameter
A vulnerability, which was classified as critical, was found in lakernote EasyAdmin up to 20240315. Affected is the function thumbnail of the file src/main/java/com/laker/admin/module/sys/controller/IndexController.java. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 23165d8cb569048c531150f194fea39f8800b8d5. It is recommended to apply a patch to fix this issue. VDB-257718 is the identifier assigned to this vulnerability.
by lakernote
my-springsecurity-plus <2024.07.03 - SQL Injection
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/user.
by witmy
my-springsecurity-plus <2024.07.03 - SQL Injection
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept.
by witmy
By Source