Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

N/A

Source -

N/A

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
6Vulnerabilities found
CVE-2025-8708
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.04% / 11.56%
||
7 Day CHG-0.01%
Published-08 Aug, 2025 | 02:32
Updated-21 Aug, 2025 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Antabot White-Jotter com.gm.wj.config.ShiroConfiguration ShiroConfiguration.java CookieRememberMeManager deserialization

A vulnerability was found in Antabot White-Jotter 0.22. It has been declared as critical. This vulnerability affects the function CookieRememberMeManager of the file ShiroConfiguration.java of the component com.gm.wj.config.ShiroConfiguration. The manipulation with the input EVANNIGHTLY_WAOU leads to deserialization. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-antabotAntabot
Product-white-jotterWhite-Jotter
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-57176
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.6||HIGH
EPSS-0.21% / 43.99%
||
7 Day CHG+0.01%
Published-21 Feb, 2025 | 00:00
Updated-21 Aug, 2025 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the shiroFilter function of White-Jotter project v0.2.2 allows attackers to execute a directory traversal and access sensitive endpoints via a crafted URL.

Action-Not Available
Vendor-antabotn/a
Product-white-jottern/a
CWE ID-CWE-437
Incomplete Model of Endpoint Features
CVE-2024-13032
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.03% / 4.95%
||
7 Day CHG~0.00%
Published-30 Dec, 2024 | 01:00
Updated-06 Jan, 2025 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Antabot White-Jotter Article Editor editor server-side request forgery

A vulnerability classified as problematic was found in Antabot White-Jotter up to 0.2.2. Affected by this vulnerability is an unknown functionality of the file /admin/content/editor of the component Article Editor. The manipulation of the argument articleCover leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-antabotAntabot
Product-white-jotterWhite-Jotter
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-13031
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.06% / 18.35%
||
7 Day CHG~0.00%
Published-30 Dec, 2024 | 00:31
Updated-06 Jan, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Antabot White-Jotter Article Content Editor editor cross site scripting

A vulnerability classified as problematic has been found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/editor of the component Article Content Editor. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-antabotAntabot
Product-white-jotterWhite-Jotter
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-13029
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.26% / 49.54%
||
7 Day CHG+0.21%
Published-29 Dec, 2024 | 23:31
Updated-21 Aug, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Antabot White-Jotter Edit Book book server-side request forgery

A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/book of the component Edit Book Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-antabotAntabot
Product-white-jotterWhite-Jotter
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-13028
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.07% / 21.45%
||
7 Day CHG-0.00%
Published-29 Dec, 2024 | 23:00
Updated-21 Aug, 2025 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Antabot White-Jotter login observable response discrepancy

A vulnerability, which was classified as problematic, has been found in Antabot White-Jotter up to 0.2.2. This issue affects some unknown processing of the file /login. The manipulation of the argument username leads to observable response discrepancy. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-antabotAntabot
Product-white-jotterWhite-Jotter
CWE ID-CWE-203
Observable Discrepancy
CWE ID-CWE-204
Observable Response Discrepancy