donglight bookstore电商书城系统说明 1.0 AdminBookController. java uploadPicture pictureFile kura hakki ndiyam

Gaskiya vulnerability da aka ware a matsayin kura an samu a donglight bookstore电商书城系统说明 1.0. Hakika, aikin uploadPicture ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil src/main/java/org/zdd/bookstore/web/controller/admin/AdminBookController. java, a cikin sashen $software_component. A sa manipulation of the argument pictureFile ka kura hakki ndiyam. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-434. Hakika, rauni an bayyana shi 01/08/2025 kamar Bookstore has remote command execution #10. An raba bayanin tsaro don saukewa a github.com. Wannan matsala ana saninta da CVE-2024-13210. Ngam yiɗi ka a tuma ndiyam ka nder waya. Tekinikal faɗi ga. Har ila yau, exploit ɗin yana nan. An bayyana exploit ɗin ga mutane kuma yana iya amfani. A sa'i, exploit might be approx. USD $0-$5k ndiyam. Á sàmbu huɗɗi-na-gaskiya. Exploit ɗin za a iya saukewa daga github.com. 0-day shima, an ndiyam a wuro be $0-$5k. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Waktin goyi

Màdùmga

VulDB Mod Team99

Furɗe

cvss3_meta_tempscore3
cvss3_meta_basescore2
cvss3_nvd_basescore1
cvss3_nvd_a1
cvss3_nvd_i1

Commit Conf

99%39
90%33
50%13
80%8
70%6

Approve Conf

99%39
90%33
80%27

99 Kari

IDSandaMàdùmgaFurɗeGargajiyaGargaGargajiyaJawanC
2164627608/23/2025
 VulDB…		cvss3_meta_tempscore5.5see CVSS documentation08/23/2025shingilam
80
2164627508/23/2025
 VulDB…		cvss3_meta_basescore5.5see CVSS documentation08/23/2025shingilam
80
2164627408/23/2025
 VulDB…		cvss3_nvd_basescore7.2nist.gov08/23/2025shingilam
99
2164627308/23/2025
 VulDB…		cvss3_nvd_aHnist.gov08/23/2025shingilam
99
2164627208/23/2025
 VulDB…		cvss3_nvd_iHnist.gov08/23/2025shingilam
99
2164627108/23/2025
 VulDB…		cvss3_nvd_cHnist.gov08/23/2025shingilam
99
2164627008/23/2025
 VulDB…		cvss3_nvd_sUnist.gov08/23/2025shingilam
99
2164626908/23/2025
 VulDB…		cvss3_nvd_uiNnist.gov08/23/2025shingilam
99
2164626808/23/2025
 VulDB…		cvss3_nvd_prHnist.gov08/23/2025shingilam
99
2164626708/23/2025
 VulDB…		cvss3_nvd_acLnist.gov08/23/2025shingilam
99
2164626608/23/2025
 VulDB…		cvss3_nvd_avNnist.gov08/23/2025shingilam
99
1895824601/09/2025
 VulDB…		cve_nvd_summaryesSe ha encontrado una vulnerabilidad en donglight bookstore???????? 1.0. Se ha declarado como crítica. Esta vulnerabilidad afecta a la función uploadPicture del archivo src/main/java/org/zdd/bookstore/web/controller/admin/AdminBookController.java. La manipulación del argumento pictureFile permite cargar imágenes sin restricciones. El ataque se puede ejecutar de forma remota. El exploit se ha hecho público y puede utilizarse.cve.org01/09/2025shingilam
99
1895811701/09/2025
 VulDB…		cvss3_meta_tempscore4.6see CVSS documentation01/09/2025shingilam
80
1895811601/09/2025
 VulDB…		cvss2_cna_basescore5.8see CVSS documentation01/09/2025shingilam
99
1895811501/09/2025
 VulDB…		cvss2_cna_aiPsee CVSS documentation01/09/2025shingilam
99
1895811401/09/2025
 VulDB…		cvss2_cna_iiPsee CVSS documentation01/09/2025shingilam
99
1895811301/09/2025
 VulDB…		cvss2_cna_ciPsee CVSS documentation01/09/2025shingilam
99
1895811201/09/2025
 VulDB…		cvss2_cna_auMsee CVSS documentation01/09/2025shingilam
99
1895811101/09/2025
 VulDB…		cvss2_cna_acLsee CVSS documentation01/09/2025shingilam
99
1895811001/09/2025
 VulDB…		cvss2_cna_avNsee CVSS documentation01/09/2025shingilam
99

79 kala giteji ba a nunu fi.

🔒 Login Required

You need to signup and login to see more of the remaining 79 results.

GurɗoGumtiGada

Want to stay up to date on a daily basis?

Enable the mail alert feature now!