π¨ CVE-2024-13201
A vulnerability has been found in wander-chu SpringBoot-Blog 1.0 and classified as critical. This vulnerability affects the function upload of the file src/main/java/com/my/blog/website/controller/admin/AttachtController.java of the component Admin Attachment Handler. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A vulnerability has been found in wander-chu SpringBoot-Blog 1.0 and classified as critical. This vulnerability affects the function upload of the file src/main/java/com/my/blog/website/controller/admin/AttachtController.java of the component Admin Attachment Handler. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
GitHub
SpringBoot Blog contains arbitrary file uploads Β· Issue #6 Β· wander-chu/SpringBoot-Blog
Code Audit: The upload method in src/main/java/com/my/blog/website/controller/admin/AttachtController.java does not restrict the uploaded files, and can directly upload JSP and HTML Trojan files Vu...
π¨ CVE-2024-13202
A vulnerability was found in wander-chu SpringBoot-Blog 1.0 and classified as problematic. This issue affects the function modifiyArticle of the file src/main/java/com/my/blog/website/controller/admin/PageController.java of the component Blog Article Handler. The manipulation of the argument content leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
A vulnerability was found in wander-chu SpringBoot-Blog 1.0 and classified as problematic. This issue affects the function modifiyArticle of the file src/main/java/com/my/blog/website/controller/admin/PageController.java of the component Blog Article Handler. The manipulation of the argument content leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
GitHub
SpringBoot Blog has storage XSS Β· Issue #7 Β· wander-chu/SpringBoot-Blog
Code Audit: The modifiyArticle method in src/main/java/com/my/blog/website/controller/admin/PageController. java does not filter the incoming content and slug, resulting in storage XSS Vulnerabilit...
π¨ CVE-2025-0333
A vulnerability, which was classified as critical, was found in leiyuxi cy-fast 1.0. Affected is the function listData of the file /sys/role/listData. The manipulation of the argument order leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
A vulnerability, which was classified as critical, was found in leiyuxi cy-fast 1.0. Affected is the function listData of the file /sys/role/listData. The manipulation of the argument order leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
GitHub
cvelist/cy-fast/sqli1.md at main Β· d3do-23/cvelist
cve detail list. Contribute to d3do-23/cvelist development by creating an account on GitHub.
π¨ CVE-2025-0334
A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /sys/user/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /sys/user/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
GitHub
cvelist/cy-fast/sqli2.md at main Β· d3do-23/cvelist
cve detail list. Contribute to d3do-23/cvelist development by creating an account on GitHub.
π¨ CVE-2025-0344
A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /commpara/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /commpara/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
GitHub
cvelist/cy-fast/sqli3.md at main Β· d3do-23/cvelist
cve detail list. Contribute to d3do-23/cvelist development by creating an account on GitHub.
π¨ CVE-2025-0345
A vulnerability was found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this issue is the function listData of the file /sys/menu/listData. The manipulation of the argument order leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
A vulnerability was found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this issue is the function listData of the file /sys/menu/listData. The manipulation of the argument order leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
GitHub
cvelist/cy-fast/sqli4.md at main Β· d3do-23/cvelist
cve detail list. Contribute to d3do-23/cvelist development by creating an account on GitHub.
π¨ CVE-2025-53642
haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out. This vulnerability is fixed in 11.0.6.
π@cveNotify
haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out. This vulnerability is fixed in 11.0.6.
π@cveNotify
GitHub
Improper Session Termination
### Summary
The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out.
...
The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out.
...
π¨ CVE-2025-46789
Classic buffer overflow in certain Zoom Clients for Windows may allow an authorized user to conduct a denial of service via network access.
π@cveNotify
Classic buffer overflow in certain Zoom Clients for Windows may allow an authorized user to conduct a denial of service via network access.
π@cveNotify
π1
π¨ CVE-2025-52473
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Multiple secret-dependent branches have been identified in the reference implementation of the HQC key encapsulation mechanism when it is compiled with Clang for optimization levels above -O0 (-O1, -O2, etc). A proof-of-concept local attack exploits this secret-dependent information to recover the entire secret key. This vulnerability is fixed in 0.14.0.
π@cveNotify
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Multiple secret-dependent branches have been identified in the reference implementation of the HQC key encapsulation mechanism when it is compiled with Clang for optimization levels above -O0 (-O1, -O2, etc). A proof-of-concept local attack exploits this secret-dependent information to recover the entire secret key. This vulnerability is fixed in 0.14.0.
π@cveNotify
GitHub
Merge commit from fork Β· open-quantum-safe/liboqs@4215362
* Enable constant-time testing for -O3 builds [extended tests]
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>
* Add regression test for HQC constant-time issues
* Buil...
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>
* Add regression test for HQC constant-time issues
* Buil...
π¨ CVE-2025-54254
Adobe Experience Manager versions 6.5.23 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files on the local file system, scope is changed. Exploitation of this issue does not require user interaction.
π@cveNotify
Adobe Experience Manager versions 6.5.23 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files on the local file system, scope is changed. Exploitation of this issue does not require user interaction.
π@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Experience Manager | APSB25-82
π€£1
π¨ CVE-2025-55011
Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file anywhere on the system the app user controls. The impact is limited due to the filename being hashed and having no extension. This issue has been patched in version 1.2.47.
π@cveNotify
Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file anywhere on the system the app user controls. The impact is limited due to the filename being hashed and having no extension. This issue has been patched in version 1.2.47.
π@cveNotify
GitHub
kanboard/app/Api/Procedure/TaskFileProcedure.php at b2e35ac520add67cff792aab960b3c002c48e3d0 Β· kanboard/kanboard
Kanban project management software. Contribute to kanboard/kanboard development by creating an account on GitHub.
π¨ CVE-2025-49557
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.
π@cveNotify
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.
π@cveNotify
Adobe
Adobe Security Bulletin
Security Updates Available for Adobe Commerce | APSB25-71
π€£1
π¨ CVE-2025-49576
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.
π@cveNotify
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.
π@cveNotify
GitHub
fix(security): π ποΈ fix various stored XSS system message vulnerabiliβ¦ Β· StarCitizenTools/mediawiki-skins-Citizen@93c36ac
β¦ties
- fix: escape menu headings
- fix: escape user registration date
- fix: parse command palette tip messages
- fix: jQueryMsg parsing bug
- fix: further i18n XSSs
- Load mediawiki.jqueryMsg wi...
- fix: escape menu headings
- fix: escape user registration date
- fix: parse command palette tip messages
- fix: jQueryMsg parsing bug
- fix: further i18n XSSs
- Load mediawiki.jqueryMsg wi...
π¨ CVE-2025-49577
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.
π@cveNotify
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.
π@cveNotify
GitHub
fix(security): π ποΈ fix various stored XSS system message vulnerabiliβ¦ Β· StarCitizenTools/mediawiki-skins-Citizen@93c36ac
β¦ties
- fix: escape menu headings
- fix: escape user registration date
- fix: parse command palette tip messages
- fix: jQueryMsg parsing bug
- fix: further i18n XSSs
- Load mediawiki.jqueryMsg wi...
- fix: escape menu headings
- fix: escape user registration date
- fix: parse command palette tip messages
- fix: jQueryMsg parsing bug
- fix: further i18n XSSs
- Load mediawiki.jqueryMsg wi...
π¨ CVE-2025-49578
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various date messages returned by `Language::userDate` are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.
π@cveNotify
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various date messages returned by `Language::userDate` are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.
π@cveNotify
GitHub
feat(contentEnhancements): ⨠add user anniversary feature and improve⦠· StarCitizenTools/mediawiki-skins-Citizen@64cb5d7
β¦ registration date display
π¨ CVE-2025-49579
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.
π@cveNotify
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.
π@cveNotify
GitHub
refactor(core): β»οΈ simplify menu header implementation Β· StarCitizenTools/mediawiki-skins-Citizen@54c8717
A beautiful, usable, responsive MediaWiki skin with in-depth extension support. Originally developed for the Star Citizen Wiki. - refactor(core): β»οΈ simplify menu header implementation Β· StarCitizenTools/mediawiki-skins-Citizen@54c8717
π¨ CVE-2025-36041
IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1 through 3.5.3, and MQ Operator SC2 3.2.0 through 3.2.12 Native HA CRR could be configured with a private key and chain other than the intended key which could disclose sensitive information or allow the attacker to perform unauthorized actions.
π@cveNotify
IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1 through 3.5.3, and MQ Operator SC2 3.2.0 through 3.2.12 Native HA CRR could be configured with a private key and chain other than the intended key which could disclose sensitive information or allow the attacker to perform unauthorized actions.
π@cveNotify
Ibm
Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images
Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images
π¨ CVE-2025-43300
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
π@cveNotify
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
π@cveNotify
Apple Support
About the security content of iOS 18.6.2 and iPadOS 18.6.2 - Apple Support
This document describes the security content of iOS 18.6.2 and iPadOS 18.6.2.
π¨ CVE-2021-25743
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.
π@cveNotify
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.
π@cveNotify
GitHub
ANSI escape characters in kubectl output are not being filtered Β· Issue #101695 Β· kubernetes/kubernetes
It is a security issue, but after contacting security@kubernetes.io, Tim and the team confirmed that they are comfortable posting it publicly. What happened: Kubernetes doesn't sanitize the ...
π¨ CVE-2025-49575
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.
π@cveNotify
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.
π@cveNotify
GitHub
feat(commandPalette): β¨ add tips for command palette usage Β· StarCitizenTools/mediawiki-skins-Citizen@4fa69e1
A beautiful, usable, responsive MediaWiki skin with in-depth extension support. Originally developed for the Star Citizen Wiki. - feat(commandPalette): β¨ add tips for command palette usage Β· StarCitizenTools/mediawiki-skins-Citizen@4fa69e1
π¨ CVE-2025-52287
OperaMasks SDK ELite Script Engine v0.5.0 was discovered to contain a deserialization vulnerability.
π@cveNotify
OperaMasks SDK ELite Script Engine v0.5.0 was discovered to contain a deserialization vulnerability.
π@cveNotify
Gist
CVE-2025-52287
CVE-2025-52287. GitHub Gist: instantly share code, notes, and snippets.