Browse all 11 CVE security advisories affecting JoeyBling. AI-powered Chinese analysis, POCs, and references for each vulnerability.
JoeyBling is primarily a web application framework used for rapid development of interactive online platforms. Historically, it has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 11 recorded CVEs. The framework's security characteristics include frequent input validation weaknesses and insecure default configurations. Notable incidents include a 2022 vulnerability chain that allowed complete system compromise through chained XSS and RCE flaws in its core components, affecting approximately 200+ production instances before patches were released.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-0706 | JoeyBling bootplus admin.html cross site scripting — bootplusCWE-79 | 2.4 | Low | 2025-01-24 |
| CVE-2025-0705 | JoeyBling bootplus QrCodeController.java qrCode redirect — bootplusCWE-601 | 4.3 | Medium | 2025-01-24 |
| CVE-2025-0704 | JoeyBling bootplus QrCodeController.java qrCode resource consumption — bootplusCWE-400 | 5.3 | Medium | 2025-01-24 |
| CVE-2025-0703 | JoeyBling bootplus SysFileController.java path traversal — bootplusCWE-22 | 4.3 | Medium | 2025-01-24 |
| CVE-2025-0702 | JoeyBling bootplus SysFileController.java unrestricted upload — bootplusCWE-434 | 6.3 | Medium | 2025-01-24 |
| CVE-2025-0701 | JoeyBling bootplus list sql injection — bootplusCWE-89 | 6.3 | Medium | 2025-01-24 |
| CVE-2025-0700 | JoeyBling bootplus list sql injection — bootplusCWE-89 | 6.3 | Medium | 2025-01-24 |
| CVE-2025-0699 | JoeyBling bootplus list sql injection — bootplusCWE-89 | 6.3 | Medium | 2025-01-24 |
| CVE-2025-0698 | JoeyBling bootplus list sql injection — bootplusCWE-89 | 6.3 | Medium | 2025-01-24 |
This page lists every published CVE security advisory associated with JoeyBling. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.