All 6 CVE vulnerabilities found in admin, with AI-generated Chinese analysis, references, and POCs.
Vendor: ContiNew
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-5252 | z-9527 admin Message Create Endpoint message.js cross site scripting CWE-79 | 3.5 | Low | 2026-04-01 |
| CVE-2026-5251 | z-9527 admin User Update Endpoint user.js dynamically-determined object attributes CWE-915 | 6.3 | Medium | 2026-04-01 |
| CVE-2026-4999 | z-9527 admin isImg Check upload.js uploadFile path traversal CWE-22 | 6.3 | Medium | 2026-03-28 |
| CVE-2026-3200 | z-9527 admin user.js getUsers sql injection CWE-89 | 7.3 | High | 2026-02-25 |
| CVE-2024-8155 | ContiNew Admin tree sql injection CWE-89 | 4.7 | Medium | 2024-08-25 |
| CVE-2024-8150 | ContiNew Admin user sql injection CWE-89 | 4.7 | Medium | 2024-08-25 |
All 6 known CVE vulnerabilities affecting admin with full Chinese analysis, references, and POCs where available.