Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

gin-vue-admin vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2022-32177
In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3beta are vulnerable to Unrestricted File Upload that leads to execution of javascript code, through the 'Normal Upload' functionality to the Media Library. When an admin user views the uploaded file, a low priv...
Gin-vue-admin Project Gin-vue-admin 2.5.3Gin-vue-admin Project Gin-vue-admin
NA
CVE-2022-39305
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Versions before 2.5.4 contain a file upload ability. The affected code fails to validate fileMd5 and fileName parameters, resulting in an arbitrary file bein...
Gin-vue-admin Project Gin-vue-admin
NA
CVE-2022-47762
In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability.
Gin-vue-admin Project Gin-vue-admin
7.5
CVSSv2
CVE-2021-44219
Gin-Vue-Admin prior to 2.4.6 mishandles a SQL database.
Gin-vue-admin Project Gin-vue-admin
NA
CVE-2022-32176
In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3b are vulnerable to Unrestricted File Upload that leads to execution of javascript code, through the "Compress Upload" functionality to the Media Library. When an admin user views the uploaded file, a low privi...
Gin-vue-admin Project Gin-vue-admin
5.5
CVSSv2
CVE-2022-21660
Gin-vue-admin is a backstage management system based on vue and gin. In versions before 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the `setUserInfo` function. Users are advised to update as soon as possible. There are no know...
Gin-vue-admin Project Gin-vue-admin
NA
CVE-2022-39345
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin before 2.5.4 is vulnerable to path traversal, which leads to file upload vulnerabilities. Version 2.5.4 contains a patch for this issue. There ...
Gin-vue-admin Project Gin-vue-admin
5
CVSSv2
CVE-2022-24843
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin 2.50 has arbitrary file read vulnerability due to a lack of parameter validation. This has been resolved in version 2.5.1. There are no known w...
Gin-vue-admin Project Gin-vue-admin
6.5
CVSSv2
CVE-2022-24844
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. The problem occurs in the following code in server/service/system/sys_auto_code_pgsql.go, which means that PostgreSQL must be used as the database for this v...
Gin-vue-admin Project Gin-vue-admin
NA
CVE-2024-31760
An issue in sanluan flipped-aurora gin-vue-admin 2.4.x allows an malicious user to escalate privileges via the Session Expiration component.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook