📦 Springblade

CVE-2025-70982 is an improper access control vulnerability in SpringBlade v4.5.0 that allows attackers with low-level privileges to import sensitive user data without proper authorization. This affect...

This vulnerability allows attackers with low-level privileges to escalate their privileges in SpringBlade v4.5.0 due to incorrect access control in the authRoutes function. Organizations using SpringB...

This CVE describes a SQL injection vulnerability in SpringBlade v3.6.0 where user-submitted parameters are not properly sanitized with quotation marks during SQL query execution. Attackers can exploit...

SpringBlade v3.2.0 and below contains a SQL injection vulnerability in the customSqlSegment component that allows attackers to execute arbitrary SQL commands. This affects all deployments using vulner...

This vulnerability in SpringBlade 3.7.1 allows attackers to retrieve sensitive information through a crafted GET request to the tenant API endpoint. It affects systems running vulnerable versions of S...

This critical SQL injection vulnerability in SpringBlade 4.1.0 allows remote attackers to execute arbitrary SQL commands through the /api/blade-system/menu/list endpoint. Organizations using SpringBla...