Quequnlong Shiyi Blog
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Quequnlong Shiyi Blog.
By the Year
In 2026 there have been 0 vulnerabilities in Quequnlong Shiyi Blog. Last year, in 2025 Shiyi Blog had 3 security vulnerabilities published. Right now, Shiyi Blog is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 3 | 8.63 |
It may take a day or so for new Shiyi Blog vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Quequnlong Shiyi Blog Security Vulnerabilities
quequnlong shiyi-blog <1.2.1: Job Handler Deserialization Remote
CVE-2025-12305
6.3 - Medium
- October 27, 2025
A vulnerability was found in quequnlong shiyi-blog up to 1.2.1. This impacts an unknown function of the file src/main/java/com/mojian/controller/SysJobController.java of the component Job Handler. The manipulation results in deserialization. The attack can be executed remotely. The exploit has been made public and could be used.
Marshaling, Unmarshaling
CVE-2025-5510 SSRF in quequnlong shiyi-blog <=1.2.1
CVE-2025-5510
9.8 - Critical
- June 03, 2025
A vulnerability classified as critical was found in quequnlong shiyi-blog up to 1.2.1. This vulnerability affects unknown code of the file /app/sys/article/optimize. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
SSRF
shiyi-blog <=1.2.1 Path Traversal via /api/file/upload
CVE-2025-5509
9.8 - Critical
- June 03, 2025
A vulnerability classified as critical has been found in quequnlong shiyi-blog up to 1.2.1. This affects an unknown part of the file /api/file/upload. The manipulation of the argument file/source leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Quequnlong Shiyi Blog or by Quequnlong? Click the Watch button to subscribe.
