CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-13810

A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of the file src/main/java/com/jsnjfz/manage/modular/system/controller/KaptchaController.java. Performing manipulation results in path traversal. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.8%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

https://github.com/Xzzz111/exps/blob/main/archives/WebStack-Guns-PathTraversal-1/report.md
https://github.com/Xzzz111/exps/blob/main/archives/WebStack-Guns-PathTraversal-1/report.md#proof-of-concept
https://vuldb.com/?ctiid.333820
https://vuldb.com/?id.333820
https://vuldb.com/?submit.692080

Products affected by CVE-2025-13810

Jsnjfz » Webstack-Guns » Version: 1.0

cpe:2.3:a:jsnjfz:webstack-guns:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-13810

Products

Pricing

Contact Us