Browse all 11 CVE security advisories affecting JoeyBling. AI-powered Chinese analysis, POCs, and references for each vulnerability.
JoeyBling is primarily a web application framework used for rapid development of interactive online platforms. Historically, it has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 11 recorded CVEs. The framework's security characteristics include frequent input validation weaknesses and insecure default configurations. Notable incidents include a 2022 vulnerability chain that allowed complete system compromise through chained XSS and RCE flaws in its core components, affecting approximately 200+ production instances before patches were released.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-7488 | JoeyBling SpringBoot_MyBatisPlus download path traversal — SpringBoot_MyBatisPlusCWE-22 | 4.3 | Medium | 2025-07-12 |
| CVE-2025-7487 | JoeyBling SpringBoot_MyBatisPlus upload SysFileController unrestricted upload — SpringBoot_MyBatisPlusCWE-434 | 6.3 | Medium | 2025-07-12 |
This page lists every published CVE security advisory associated with JoeyBling. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.