CVE-2025-25580

Medium CVSS: 6.1

yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql() method at /xml/UserMapper.xml.

Vendor

Product

CWE

Yayın Tarihi

2025-03-18 15:16:00

Güncelleme

2025-06-19 00:18:57

Source Identifier

cve@mitre.org

KEV Date Added

CWE-89 Yimioa MEDIUM R1bbit 2025

https://gitee.com/r1bbit/yimioa/issues/IBI6XT

Medium

CVE-2025-25586

yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via the component /resources…

Medium

CVE-2025-25582

yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the selectNoticeList() method at /…

High

CVE-2025-25585

Incorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024.07.04 allows unauthorize…

Medium

CVE-2025-25590

yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressD…

Medium

CVE-2025-1226

A vulnerability was found in ywoa up to 2024.07.03. It has been declared as critical. This vulnerability affects unknown…

Medium

CVE-2025-1227

A vulnerability was found in ywoa up to 2024.07.03. It has been rated as critical. This issue affects the function selec…