Vendor

cool-admin

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2024-57409	cool-admin cool-admin-java		0.00	—	0.00		Feb 10, 2025	A stored cross-site scripting (XSS) vulnerability in the Parameter List module of cool-admin-java v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the internet pictures field.
CVE-2024-57408	cool-admin cool-admin-java		0.00	—	0.00		Feb 10, 2025	An arbitrary file upload vulnerability in the component /comm/upload of cool-admin-java v1.0 allows attackers to execute arbitrary code via uploading a crafted file.

CVE-2024-57409Feb 10, 2025
cool-admin
cool-admin-java
risk 0.00cvss —epss 0.00
A stored cross-site scripting (XSS) vulnerability in the Parameter List module of cool-admin-java v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the internet pictures field.
CVE-2024-57408Feb 10, 2025
cool-admin
cool-admin-java
risk 0.00cvss —epss 0.00
An arbitrary file upload vulnerability in the component /comm/upload of cool-admin-java v1.0 allows attackers to execute arbitrary code via uploading a crafted file.