NotCVE - vendor:"Aitangbao" product:"Springboot-manager" version:"1.6"

4 results (0.009 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2024-24059

https://notcve.org/view.php?id=CVE-2024-24059

01 Feb 2024 — springboot-manager v1.6 is vulnerable to Arbitrary File Upload. The system does not filter the suffixes of uploaded files. springboot-manager v1.6 es vulnerable a la carga arbitraria de archivos. El sistema no filtra los sufijos de los archivos cargados. • https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#2-file-upload-vulnerability • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2024-24061

https://notcve.org/view.php?id=CVE-2024-24061

01 Feb 2024 — springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sysContent/add. springboot-manager v1.6 es vulnerable a Cross Site Scripting (XSS) a través de /sysContent/add. • https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#13-stored-cross-site-scripting-syscontentadd • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2024-24060

https://notcve.org/view.php?id=CVE-2024-24060

01 Feb 2024 — springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/user. springboot-manager v1.6 es vulnerable a Cross Site Scripting (XSS) a través de /sys/user. • https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#11-stored-cross-site-scripting-sysuser • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2024-24062

https://notcve.org/view.php?id=CVE-2024-24062

01 Feb 2024 — springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/role. springboot-manager v1.6 es vulnerable a Cross Site Scripting (XSS) a través de /sys/role. • https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#12-stored-cross-site-scripting-sysrole • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •