SingMR HouseRent 1.0 AddHouseController.java singleUpload/upload Fayil kura hakki ndiyam

Wuro vulnerability wey an yi classify sey kura an gano shi a cikin SingMR HouseRent 1.0. Gaskiya, singleUpload/upload na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, src/main/java/com/house/wym/controller/AddHouseController.java na cikin fayil, $software_component na cikin sashi. Ngam manipulation of the argument Fayil shi kura hakki ndiyam. CWE shidin ka a yi bayani matsala sai ya kai CWE-434. Gaskiya, laifi an fitar da shi 01/08/2025 a matsayin HouseRent allows arbitrary file uploads #13. Advisory ɗin ana rabawa don saukewa a github.com. Wannan rauni ana sayar da shi da suna CVE-2024-13212. Ngam yiɗi ka a tuma ndiyam ka nder internet. Tekinikal bayani ga. Kuma, exploit ɗin yana akwai. Wuro exploit ɗin an bayyana shi ga jama'a kuma za a iya amfani da shi. A sa'i, exploit might be approx. USD $0-$5k ndiyam. Á wúro huɗɗi-na-gaskiya. Wona yiwuwa a zazzage exploit a github.com. Kama 0-day, an ndiyam a wuro be $0-$5k. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Waktin goyi

Màdùmga

VulDB Mod Team99

Furɗe

cvss3_meta_tempscore3
cvss3_meta_basescore2
cvss3_nvd_basescore1
cvss3_nvd_a1
cvss3_nvd_i1

Commit Conf

99%39
90%31
50%13
70%9
80%7

Approve Conf

99%39
90%31
80%29

99 Kari

IDSandaMàdùmgaFurɗeGargajiyaGargaGargajiyaJawanC
2229561410/15/2025
 VulDB…		cvss3_meta_tempscore6.9see CVSS documentation10/15/2025shingilam
80
2229561310/15/2025
 VulDB…		cvss3_meta_basescore7.1see CVSS documentation10/15/2025shingilam
80
2229561210/15/2025
 VulDB…		cvss3_nvd_basescore8.8nist.gov10/15/2025shingilam
99
2229561110/15/2025
 VulDB…		cvss3_nvd_aHnist.gov10/15/2025shingilam
99
2229561010/15/2025
 VulDB…		cvss3_nvd_iHnist.gov10/15/2025shingilam
99
2229560910/15/2025
 VulDB…		cvss3_nvd_cHnist.gov10/15/2025shingilam
99
2229560810/15/2025
 VulDB…		cvss3_nvd_sUnist.gov10/15/2025shingilam
99
2229560710/15/2025
 VulDB…		cvss3_nvd_uiNnist.gov10/15/2025shingilam
99
2229560610/15/2025
 VulDB…		cvss3_nvd_prLnist.gov10/15/2025shingilam
99
2229560510/15/2025
 VulDB…		cvss3_nvd_acLnist.gov10/15/2025shingilam
99
2229560410/15/2025
 VulDB…		cvss3_nvd_avNnist.gov10/15/2025shingilam
99
1895824801/09/2025
 VulDB…		cve_nvd_summaryesSe ha encontrado una vulnerabilidad clasificada como crítica en SingMR HouseRent 1.0. Afecta a la función singleUpload/upload del archivo src/main/java/com/house/wym/controller/AddHouseController.java. La manipulación del archivo de argumentos provoca una carga sin restricciones. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al público y puede ser utilizado.cve.org01/09/2025shingilam
99
1895817701/09/2025
 VulDB…		cvss3_meta_tempscore6.0see CVSS documentation01/09/2025shingilam
80
1895817601/09/2025
 VulDB…		cvss2_cna_basescore6.5see CVSS documentation01/09/2025shingilam
99
1895817501/09/2025
 VulDB…		cvss2_cna_aiPsee CVSS documentation01/09/2025shingilam
99
1895817401/09/2025
 VulDB…		cvss2_cna_iiPsee CVSS documentation01/09/2025shingilam
99
1895817301/09/2025
 VulDB…		cvss2_cna_ciPsee CVSS documentation01/09/2025shingilam
99
1895817201/09/2025
 VulDB…		cvss2_cna_auSsee CVSS documentation01/09/2025shingilam
99
1895817101/09/2025
 VulDB…		cvss2_cna_acLsee CVSS documentation01/09/2025shingilam
99
1895817001/09/2025
 VulDB…		cvss2_cna_avNsee CVSS documentation01/09/2025shingilam
99

79 kala giteji ba a nunu fi.

🔒 Login Required

You need to signup and login to see more of the remaining 79 results.

GurɗoGumtiGada

Do you need the next level of professionalism?

Upgrade your account now!