CVE-2025-8211
- EPSS 0.03%
- Veröffentlicht 26.07.2025 21:15:33
- Zuletzt bearbeitet 31.07.2025 17:52:09
A vulnerability was found in Roothub up to 2.6. It has been declared as problematic. Affected by this vulnerability is the function Edit of the file src/main/java/cn/roothub/web/admin/SystemConfigAdminController.java. The manipulation leads to cross ...
CVE-2024-33120
- EPSS 0.27%
- Veröffentlicht 07.05.2024 15:15:09
- Zuletzt bearbeitet 01.05.2025 14:55:22
Roothub v2.5 was discovered to contain an arbitrary file upload vulnerability via the customPath parameter in the upload() function. This vulnerability allows attackers to execute arbitrary code via a crafted JSP file.
CVE-2024-33122
- EPSS 0.1%
- Veröffentlicht 07.05.2024 15:15:09
- Zuletzt bearbeitet 01.05.2025 14:55:16
Roothub v2.6 was discovered to contain a SQL injection vulnerability via the topic parameter in the list() function.
CVE-2024-33124
- EPSS 0.16%
- Veröffentlicht 07.05.2024 15:15:09
- Zuletzt bearbeitet 01.05.2025 14:55:35
Roothub v2.6 was discovered to contain a SQL injection vulnerability via the nodeTitle parameter in the parentNode() function..
CVE-2024-33121
- EPSS 0.1%
- Veröffentlicht 06.05.2024 20:15:11
- Zuletzt bearbeitet 17.06.2025 16:04:18
Roothub v2.6 was discovered to contain a SQL injection vulnerability via the 's' parameter in the search() function.
- EPSS 2.04%
- Veröffentlicht 13.04.2022 15:15:09
- Zuletzt bearbeitet 21.11.2024 06:56:40
Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary ...