CVE-2025-4175 – AlanBinu007 Spring-Boot-Advanced-Projects Path Traversal Vulnerability

May 1, 2025

CVE ID : CVE-2025-4175

Published : May 1, 2025, 9:15 p.m. | 2 hours, 11 minutes ago

Description : A vulnerability, which was classified as critical, was found in AlanBinu007 Spring-Boot-Advanced-Projects up to 3.1.3. This affects the function uploadUserProfileImage of the file /Spring-Boot-Advanced-Projects-main/Project-4.SpringBoot-AWS-S3/backend/src/main/java/com/urunov/profile/UserProfileController.jav of the component Upload Profile API Endpoint. The manipulation of the argument File leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-1333 – IBM MQ Container Keycloak Information Disclosure

Next Article CVE-2024-48907 – Sematell ReplyOne 7.4.3.0 allows SSRF via the appl

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Elden Ring Nightreign classes: All 8 Nightfarer characters in FromSoftware’s co-op spinoff explained

How I make my own NFC tags to share my Wi-Fi password with guests – it’s easy!

Microsoft Bing is stealing tens of millions of Google’s search users according to the latest data

Microsoft could bring Elon Musk’s Grok AI model to Azure — Cozying up with OpenAI’s arch-nemesis xAI for its AI Foundry

Perficient is Headed to Salesforce Connections 2025: Here’s What You Need to Know

Perficient is Headed to Salesforce Connections 2025: Here’s What You Need to Know

Perficient Wins 2025 Delivery Award at Appian World for Second Consecutive Year

JavaScript Pulse: Weekly Dev Digest – May 2, 2025

Elden Ring Nightreign classes: All 8 Nightfarer characters in FromSoftware’s co-op spinoff explained

Elden Ring Nightreign classes: All 8 Nightfarer characters in FromSoftware’s co-op spinoff explained

Spf Permerror Troubleshooting Guide For Better Email Deliverability Today

KEditBookmarks is a bookmark organizer and editor

CVE-2025-4175 – AlanBinu007 Spring-Boot-Advanced-Projects Path Traversal Vulnerability

CISA Adds Two New Exploited Vulnerabilities to Its Catalog: CVE-2024-38475 and CVE-2023-44221

CVE-2025-3815 – WordPress SurveyJS Stored Cross-Site Scripting

Samsung introduces new turnkey foundry service, advanced nodes for AI chips

This Linux distro could let your old laptop ‘shine on’ after Windows 10’s sunset

The Rsdoctor will see you now

AI-Powered Fake News Campaign Targets Western Support for Ukraine and U.S. Elections

Sharpening LLMs: The Sharpest Tools and Essential Techniques for Precision and Clarity

Meet Baichuan-M1: A New Series of Large Language Models Trained on 20T Tokens with a Dedicated Focus on Enhancing Medical Capabilities

Redesigning Datasets for AI-Driven Mathematical Discovery: Overcoming Current Limitations and Enhancing Workflow Representation

Three.js Custom Material Techniques

CVE-2025-4175 – AlanBinu007 Spring-Boot-Advanced-Projects Path Traversal Vulnerability

Related Posts