javahongxi whatsmars 2021.4.0 InitializrController.java initialize artifactId directory traversal

A vulnerability classified as problematic was found in javahongxi whatsmars 2021.4.0. Affected is the function initialize of the file /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java. The manipulation of the argument artifactId leads to directory traversal. Using CWE to declare the problem leads to CWE-22. The advisory was published on 06/15/2025. The advisory is available for download at github.com. This vulnerability is known as CVE-2025-6109. The attack can be launched remotely. Technical details are available. Furthermore, an exploit is available. The exploit has been disclosed to the public and may be used. The current price for an exploit might be approx. USD $0-$5k at the moment. It is declared as proof-of-concept. The exploit can be downloaded from github.com. As a 0-day, its price on the underground market was estimated at around $0-$5k. If you want to get best quality of vulnerability data, you may have to visit VulDB.

4 adaptations · 90 points

| Field | Created 06/15/2025 12:02 PM | Update 1/3 06/16/2025 08:38 AM | Update 2/3 06/16/2025 10:06 AM | Update 3/3 06/16/2025 10:24 AM |
| --- | --- | --- | --- | --- |
| cvss2_vuldb_ai | N | N | N | N |
| cvss2_vuldb_e | POC | POC | POC | POC |
| cvss2_vuldb_rc | UR | UR | UR | UR |
| cvss4_vuldb_av | N | N | N | N |
| cvss4_vuldb_ac | L | L | L | L |
| cvss4_vuldb_ui | N | N | N | N |
| cvss4_vuldb_vc | L | L | L | L |
| cvss4_vuldb_vi | N | N | N | N |
| cvss4_vuldb_va | N | N | N | N |
| cvss4_vuldb_e | P | P | P | P |
| cvss2_vuldb_au | S | S | S | S |
| cvss2_vuldb_rl | ND | ND | ND | ND |
| cvss3_vuldb_pr | L | L | L | L |
| cvss3_vuldb_rl | X | X | X | X |
| cvss4_vuldb_at | N | N | N | N |
| cvss4_vuldb_pr | L | L | L | L |
| cvss4_vuldb_sc | N | N | N | N |
| cvss4_vuldb_si | N | N | N | N |
| cvss4_vuldb_sa | N | N | N | N |
| cvss2_vuldb_basescore | 4.0 | 4.0 | 4.0 | 4.0 |
| cvss2_vuldb_tempscore | 3.4 | 3.4 | 3.4 | 3.4 |
| cvss3_vuldb_basescore | 4.3 | 4.3 | 4.3 | 4.3 |
| cvss3_vuldb_tempscore | 3.9 | 3.9 | 3.9 | 3.9 |
| cvss3_meta_basescore | 4.3 | 4.3 | 4.3 | 4.3 |
| cvss3_meta_tempscore | 3.9 | 4.1 | 4.1 | 4.1 |
| cvss4_vuldb_bscore | 5.3 | 5.3 | 5.3 | 5.3 |
| cvss4_vuldb_btscore | 2.1 | 2.1 | 2.1 | 2.1 |
| advisory_date | 1749938400 (06/15/2025) | 1749938400 (06/15/2025) | 1749938400 (06/15/2025) | 1749938400 (06/15/2025) |
| price_0day | $0-$5k | $0-$5k | $0-$5k | $0-$5k |
| software_vendor | javahongxi | javahongxi | javahongxi | javahongxi |
| software_name | whatsmars | whatsmars | whatsmars | whatsmars |
| software_version | 2021.4.0 | 2021.4.0 | 2021.4.0 | 2021.4.0 |
| software_file | /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java | /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java | /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java | /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java |
| software_function | initialize | initialize | initialize | initialize |
| software_argument | artifactId | artifactId | artifactId | artifactId |
| vulnerability_cwe | CWE-22 (directory traversal) | CWE-22 (directory traversal) | CWE-22 (directory traversal) | CWE-22 (directory traversal) |
| vulnerability_risk | 2 | 2 | 2 | 2 |
| cvss3_vuldb_av | N | N | N | N |
| cvss3_vuldb_ac | L | L | L | L |
| cvss3_vuldb_ui | N | N | N | N |
| cvss3_vuldb_s | U | U | U | U |
| cvss3_vuldb_c | L | L | L | L |
| cvss3_vuldb_i | N | N | N | N |
| cvss3_vuldb_a | N | N | N | N |
| cvss3_vuldb_e | P | P | P | P |
| cvss3_vuldb_rc | R | R | R | R |
| advisory_url | https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250607-02.md | https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250607-02.md | https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250607-02.md | https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250607-02.md |
| exploit_availability | 1 | 1 | 1 | 1 |
| exploit_publicity | 1 | 1 | 1 | 1 |
| exploit_url | https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250607-02.md#steps-to-reproduce | https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250607-02.md#steps-to-reproduce | https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250607-02.md#steps-to-reproduce | https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250607-02.md#steps-to-reproduce |
| source_cve | CVE-2025-6109 | CVE-2025-6109 | CVE-2025-6109 | CVE-2025-6109 |
| cna_responsible | VulDB | VulDB | VulDB | VulDB |
| response_summary | The vendor was contacted early about this disclosure but did not respond in any way. | The vendor was contacted early about this disclosure but did not respond in any way. | The vendor was contacted early about this disclosure but did not respond in any way. | The vendor was contacted early about this disclosure but did not respond in any way. |
| software_type | Programming Language Software | Programming Language Software | Programming Language Software | Programming Language Software |
| cvss2_vuldb_av | N | N | N | N |
| cvss2_vuldb_ac | L | L | L | L |
| cvss2_vuldb_ci | P | P | P | P |
| cvss2_vuldb_ii | N | N | N | N |
| cve_nvd_summary | | A vulnerability was found in javahongxi whatsmars 2021.4.0. It has been rated as problematic. Affected by this issue is the function initialize of the file /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java. The manipulation of the argument artifactId leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | A vulnerability was found in javahongxi whatsmars 2021.4.0. It has been rated as problematic. Affected by this issue is the function initialize of the file /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java. The manipulation of the argument artifactId leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | A vulnerability was found in javahongxi whatsmars 2021.4.0. It has been rated as problematic. Affected by this issue is the function initialize of the file /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java. The manipulation of the argument artifactId leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| cvss4_cna_av | | N | N | N |
| cvss4_cna_ac | | L | L | L |
| cvss4_cna_at | | N | N | N |
| cvss4_cna_pr | | L | L | L |
| cvss4_cna_ui | | N | N | N |
| cvss4_cna_vc | | L | L | L |
| cvss4_cna_vi | | N | N | N |
| cvss4_cna_va | | N | N | N |
| cvss4_cna_sc | | N | N | N |
| cvss4_cna_si | | N | N | N |
| cvss4_cna_sa | | N | N | N |
| cvss4_cna_bscore | | 5.3 | 5.3 | 5.3 |
| cvss3_cna_av | | N | N | N |
| cvss3_cna_ac | | L | L | L |
| cvss3_cna_pr | | L | L | L |
| cvss3_cna_ui | | N | N | N |
| cvss3_cna_s | | U | U | U |
| cvss3_cna_c | | L | L | L |
| cvss3_cna_i | | N | N | N |
| cvss3_cna_a | | N | N | N |
| cvss3_cna_basescore | | 4.3 | 4.3 | 4.3 |
| cvss2_cna_av | | N | N | N |
| cvss2_cna_ac | | L | L | L |
| cvss2_cna_au | | S | S | S |
| cvss2_cna_ci | | P | P | P |
| cvss2_cna_ii | | N | N | N |
| cvss2_cna_ai | | N | N | N |
| cvss2_cna_basescore | | 4 | 4 | 4 |
| euvd_id | | | EUVD-2025-18365 | EUVD-2025-18365 |
| cve_nvd_summaryes | | | | Se encontró una vulnerabilidad en javahongxi whatsmars 2021.4.0. Se ha clasificado como problemática. Este problema afecta a la función initialize del archivo /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java. La manipulación del argumento artifactId provoca un path traversal. El ataque puede ejecutarse en remoto. Se ha hecho público el exploit y puede que sea utilizado. Se contactó al proveedor con antelación sobre esta divulgación, pero no respondió. |
