Szadmin Sz-Boot-Parent vulnerabilities
3 known vulnerabilities affecting szadmin/sz-boot-parent.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2026-3187P2CRITICALCVSS 9.8≤ 0.9.0v1.0.0+13 more2026-02-25
CVE-2026-3187 [CRITICAL] CWE-284 CVE-2026-3187: A vulnerability was identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this iss
A vulnerability was identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this issue is some unknown functionality of the file /api/admin/sys-file/upload of the component API Endpoint. Such manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit is publicly available and might be used. Upgrading
nvd
CVE-2026-3185P4MEDIUMCVSS 5.3≤ 0.9.0v1.0.0+13 more2026-02-25
CVE-2026-3185 [MEDIUM] CWE-285 CVE-2026-3185: A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected is an unknown fu
A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected is an unknown function of the file /api/admin/sys-message/ of the component API Endpoint. The manipulation of the argument messageId results in authorization bypass. The attack can be launched remotely. The exploit has been made public and could be used. Upgrading to v
nvd
CVE-2026-3186P4MEDIUMCVSS 4.3≤ 0.9.0v1.0.0+13 more2026-02-25
CVE-2026-3186 [MEDIUM] CWE-1393 CVE-2026-3186: A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vul
A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is an unknown functionality of the file /api/admin/sys-user/reset/password/ of the component Password Reset Handler. This manipulation of the argument userId causes use of default password. The attack may be initiated remotely. The exploit h
nvd