Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
mayswind ezbookkeeping versions 1.2.0 and earlier contain a critical vulnerability in JSON and XML file import processing. The application fails to validate nesting depth during parsing operations, allowing authenticated attackers to trigger denial of service conditions by uploading deeply nested malicious files. This results in CPU exhaustion, service degradation, or complete service unavailability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ezBookkeeping 安全漏洞
Vulnerability Description
ezBookkeeping是mayswind个人开发者的一个轻量级个人簿记应用程序。 ezBookkeeping 1.2.0及之前版本存在安全漏洞,该漏洞源于JSON和XML文件导入处理过程中未验证嵌套深度,可能导致经过身份验证的攻击者通过上传深度嵌套的恶意文件触发拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A