wy876/cve

Releases0

Stars3

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-29213 ↗	Apr 15, 2025Tuesday, 15 April 2025, 19:16	5.5 MEDIUM	—
A zip slip vulnerability in the component \service\migrate\MigrateForm.java of JEEWMS v3.7 allows attackers to execute arbitrary code via a crafted Zip file.
CVE-2024-33332 ↗	Apr 30, 2024Tuesday, 30 April 2024, 20:15	7.5 HIGH	—
An issue discovered in SpringBlade 3.7.1 allows attackers to obtain sensitive information via crafted GET request to api/blade-system/tenant.
CVE-2024-24160 ↗	Feb 2, 2024Friday, 2 February 2024, 16:15	5.4 MEDIUM	—
MRCMS 3.0 contains a Cross-Site Scripting (XSS) vulnerability via /admin/system/saveinfo.do.
CVE-2024-24161 ↗	Feb 2, 2024Friday, 2 February 2024, 16:15	7.5 HIGH	—
MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming path parameter is not filtered.