CVE-2025-7488 – JoeyBling SpringBoot_MyBatisPlus Remote File Path Traversal Vulnerability

July 12, 2025

CVE ID : CVE-2025-7488

Published : July 12, 2025, 8:15 p.m. | 2 hours, 27 minutes ago

Description : A vulnerability has been found in JoeyBling SpringBoot_MyBatisPlus up to a6a825513bd688f717dbae3a196bc9c9622fea26 and classified as critical. This vulnerability affects the function Download of the file /file/download. The manipulation of the argument Name leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-7489 – “PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability”

Next Article CVE-2025-7487 – JoeyBling SpringBoot_MyBatisPlus Unrestricted File Upload Vulnerability

Highlights

CVE-2025-46823 – OpenMRS FHIR2 Privilege Escalation Vulnerability

May 29, 2025

CVE ID : CVE-2025-46823

Published : May 29, 2025, 6:15 p.m. | 3 hours, 18 minutes ago

Description : openmrs-module-fhir2 provides the FHIR REST API and related services for OpenMRS, an open medical records system. In versions of the FHIR2 module prior to 2.5.0, privileges were not always correctly checked, which means that unauthorized users may have been able to add or edit data they were not supposed to be able to. All implementers should update to FHIR2 2.5.0 or newer as soon as is feasible to receive a patch.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI dev tools: Gemini API Batch Mode, Amazon SageMaker AI updates, and more (July 11, 2025)

JFrog finds MCP-related vulnerability, highlighting need for stronger focus on security in MCP ecosystem

8 Key Questions Every CEO Should Ask Before Hiring a Node.js Development Company in 2025

Vibe Loop: AI-native reliability engineering for the real world

The best Xbox and PC headset I’ve used for the last couple years is on sale

These 5 free add-ons make Minecraft Bedrock Edition feel brand new

This compact laptop dock streamlined my workspace – and it’s buy one get one

Why your USB-C device won’t charge – and what you can do instead

The details of TC39’s last meeting

The details of TC39’s last meeting

new Date(“wtf”) – How well do you know JavaScript’s Date class?

Francisco Bergeret Paves the Way Through Strong Leadership at Perficient

The best Xbox and PC headset I’ve used for the last couple years is on sale

The best Xbox and PC headset I’ve used for the last couple years is on sale

These 5 free add-ons make Minecraft Bedrock Edition feel brand new

Indeed & Glassdoor lay off 1,300 as parent company bets big on AI

CVE-2025-7488 – JoeyBling SpringBoot_MyBatisPlus Remote File Path Traversal Vulnerability

CVE-2025-7485 – Open5GS Reachable Assertion Vulnerability

CVE-2025-7487 – JoeyBling SpringBoot_MyBatisPlus Unrestricted File Upload Vulnerability

CVE-2025-34024 – Edimax EW-7438RPn Command Injection Vulnerability

How to Become a Node.js Backend Developer

CVE-2025-4568 – Apache HTTP Server Blind SQL Injection

The Top 25 Women Cybersecurity Leaders in the UAE in 2025

CVE-2025-46823 – OpenMRS FHIR2 Privilege Escalation Vulnerability

CVE-2025-52496 – Mbed TLS AESNI Detection Race Condition

CodeSOD: The Firefox Fix

Wayland vs X11: progresso necessario o strategia di marketing?

CVE-2025-7488 – JoeyBling SpringBoot_MyBatisPlus Remote File Path Traversal Vulnerability

Related Posts