CVE-2025-25586

Medium CVSS: 4.2

yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via the component /resources/application.yml.

Vendor

Product

CWE

Yayın Tarihi

2025-03-18 16:15:27

Güncelleme

2025-04-01 20:38:38

Source Identifier

cve@mitre.org

KEV Date Added

CWE-538 Yimioa MEDIUM R1bbit 2025

https://gitee.com/r1bbit/yimioa/issues/IBI7LR

Medium

CVE-2025-25582

yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the selectNoticeList() method at /…

Medium

CVE-2025-25580

yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql() method at /xml…

High

CVE-2025-25585

Incorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024.07.04 allows unauthorize…

Medium

CVE-2025-25590

yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressD…

Medium

CVE-2025-1226

A vulnerability was found in ywoa up to 2024.07.03. It has been declared as critical. This vulnerability affects unknown…

Medium

CVE-2025-1227

A vulnerability was found in ywoa up to 2024.07.03. It has been rated as critical. This issue affects the function selec…