VYPR

shiyi-blog

by Uglory Gll

CVEs (4)

  • CVE-2025-5512HigJun 3, 2025
    risk 0.48cvss 7.3epss 0.01

    A vulnerability, which was classified as critical, was found in quequnlong shiyi-blog up to 1.2.1. Affected is an unknown function of the file /api/sys/user/verifyPassword/ of the component Administrator Backend. The manipulation leads to improper authentication. It is possible…

  • CVE-2025-5510MedJun 3, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability classified as critical was found in quequnlong shiyi-blog up to 1.2.1. This vulnerability affects unknown code of the file /app/sys/article/optimize. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely.…

  • CVE-2025-5509MedJun 3, 2025
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as critical has been found in quequnlong shiyi-blog up to 1.2.1. This affects an unknown part of the file /api/file/upload. The manipulation of the argument file/source leads to path traversal. It is possible to initiate the attack remotely. The…

  • CVE-2025-5511MedJun 3, 2025
    risk 0.34cvss 5.3epss 0.01

    A vulnerability, which was classified as critical, has been found in quequnlong shiyi-blog up to 1.2.1. This issue affects some unknown processing of the file /dev api/app/album/photos/. The manipulation leads to improper authorization. The attack may be initiated remotely. The…