SingMR HouseRent 1.0 AddHouseController.java singleUpload/upload ଫାଇଲ୍ ବିସ୍ତାରିତ ଅଧିକାର

Rakkoon nageenyaa kan ଜଟିଳ jedhamuun beekamu SingMR HouseRent 1.0 keessatti argameera. Kan miidhamte is hojii singleUpload/upload faayilii src/main/java/com/house/wym/controller/AddHouseController.java keessa. Hojii jijjiirraa irratti gaggeeffame ଫାଇଲ୍ gara ବିସ୍ତାରିତ ଅଧିକାର geessa. CWE fayyadamuun rakkoo ibsuun gara CWE-434 geessa. Dadhabbii kana yeroo 01/08/2025 maxxanfameera akka HouseRent allows arbitrary file uploads #13. Odeeffannoon kun buufachuuf github.com irratti qoodameera. Dogoggorri kun akka CVE-2024-13212tti beekama. Yaaliin weeraraa fageenya irraa jalqabamuu ni danda'a. Faayidaaleen teeknikaa ni jiru. Waliigalatti, meeshaa balaa kana fayyadamuuf jiru. Qorannoo miidhaa (exploit) uummataaf ifoomameera fi fayyadamamuu danda'a. Amma, gatii ammee exploit might be approx. USD $0-$5k ta'uu danda'a. Akka ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee ibsameera. Carraa exploit kana github.com irraa buufachuun ni danda'ama. Akka 0-daytti, gatii daldalaa dhoksaa tilmaamame $0-$5k ta'ee ture. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

ସମୟ

ଉପଭୋକ୍ତା

VulDB Mod Team99

ଫିଲ୍ଡ

cvss3_meta_tempscore3
cvss3_meta_basescore2
cvss3_nvd_basescore1
cvss3_nvd_a1
cvss3_nvd_i1

Commit Conf

99%39
90%31
50%13
70%9
80%7

Approve Conf

99%39
90%31
80%29

99 ପ୍ରତିଶ୍ରୁତିବଦ୍ଧ

IDଟ୍ରାନ୍ସମିଟେଡ୍ଉପଭୋକ୍ତାଫିଲ୍ଡପରିବର୍ତ୍ତନମନ୍ତବ୍ୟମଧ୍ୟମ ଧରଣରଉତ୍ତରC
2229561410/15/2025
 VulDB…		cvss3_meta_tempscore6.9see CVSS documentation10/15/2025ଗ୍ରହଣ କରାଯାଇଛି
80
2229561310/15/2025
 VulDB…		cvss3_meta_basescore7.1see CVSS documentation10/15/2025ଗ୍ରହଣ କରାଯାଇଛି
80
2229561210/15/2025
 VulDB…		cvss3_nvd_basescore8.8nist.gov10/15/2025ଗ୍ରହଣ କରାଯାଇଛି
99
2229561110/15/2025
 VulDB…		cvss3_nvd_aHnist.gov10/15/2025ଗ୍ରହଣ କରାଯାଇଛି
99
2229561010/15/2025
 VulDB…		cvss3_nvd_iHnist.gov10/15/2025ଗ୍ରହଣ କରାଯାଇଛି
99
2229560910/15/2025
 VulDB…		cvss3_nvd_cHnist.gov10/15/2025ଗ୍ରହଣ କରାଯାଇଛି
99
2229560810/15/2025
 VulDB…		cvss3_nvd_sUnist.gov10/15/2025ଗ୍ରହଣ କରାଯାଇଛି
99
2229560710/15/2025
 VulDB…		cvss3_nvd_uiNnist.gov10/15/2025ଗ୍ରହଣ କରାଯାଇଛି
99
2229560610/15/2025
 VulDB…		cvss3_nvd_prLnist.gov10/15/2025ଗ୍ରହଣ କରାଯାଇଛି
99
2229560510/15/2025
 VulDB…		cvss3_nvd_acLnist.gov10/15/2025ଗ୍ରହଣ କରାଯାଇଛି
99
2229560410/15/2025
 VulDB…		cvss3_nvd_avNnist.gov10/15/2025ଗ୍ରହଣ କରାଯାଇଛି
99
1895824801/09/2025
 VulDB…		cve_nvd_summaryesSe ha encontrado una vulnerabilidad clasificada como crítica en SingMR HouseRent 1.0. Afecta a la función singleUpload/upload del archivo src/main/java/com/house/wym/controller/AddHouseController.java. La manipulación del archivo de argumentos provoca una carga sin restricciones. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al público y puede ser utilizado.cve.org01/09/2025ଗ୍ରହଣ କରାଯାଇଛି
99
1895817701/09/2025
 VulDB…		cvss3_meta_tempscore6.0see CVSS documentation01/09/2025ଗ୍ରହଣ କରାଯାଇଛି
80
1895817601/09/2025
 VulDB…		cvss2_cna_basescore6.5see CVSS documentation01/09/2025ଗ୍ରହଣ କରାଯାଇଛି
99
1895817501/09/2025
 VulDB…		cvss2_cna_aiPsee CVSS documentation01/09/2025ଗ୍ରହଣ କରାଯାଇଛି
99
1895817401/09/2025
 VulDB…		cvss2_cna_iiPsee CVSS documentation01/09/2025ଗ୍ରହଣ କରାଯାଇଛି
99
1895817301/09/2025
 VulDB…		cvss2_cna_ciPsee CVSS documentation01/09/2025ଗ୍ରହଣ କରାଯାଇଛି
99
1895817201/09/2025
 VulDB…		cvss2_cna_auSsee CVSS documentation01/09/2025ଗ୍ରହଣ କରାଯାଇଛି
99
1895817101/09/2025
 VulDB…		cvss2_cna_acLsee CVSS documentation01/09/2025ଗ୍ରହଣ କରାଯାଇଛି
99
1895817001/09/2025
 VulDB…		cvss2_cna_avNsee CVSS documentation01/09/2025ଗ୍ରହଣ କରାଯାଇଛି
99

79 ପରବର୍ତ୍ତୀ ଏଣ୍ଟ୍ରିଗୁଡିକ ଆଉ ଅଧିକ ପ୍ରଦର୍ଶିତ ହେବ ନାହିଁ

🔒 Login Required

You need to signup and login to see more of the remaining 79 results.

ପଛକୁସମୀକ୍ଷାଆହୁରି ଦୂରରେ

Do you know our Splunk app?

Download it now for free!