CVE-2025-2997

Medium CVSS: 5.3

A vulnerability was found in zhangyanbo2007 youkefu 4.2.0. It has been classified as critical. Affected is an unknown function of the file /res/url. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Vendor

Zhangyanbo2007

Product

Youkefu

CWE

CWE-918

Yayın Tarihi

2025-03-31 14:15:20

Güncelleme

2025-10-10 17:35:20

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-918 Youkefu MEDIUM Zhangyanbo2007 2025

Referanslar

https://github.com/exp3n5ive/Vul/blob/main/youkefu/youkefu.pdf https://vuldb.com/?ctiid.302046 https://vuldb.com/?id.302046 https://vuldb.com/?submit.524009

Benzer Kayıtlar

Medium

CVE-2025-4260

A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is…

Medium

CVE-2025-4258

A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu up to 4.2.0. Affected is the func…

Medium

CVE-2025-3381

A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu 4.2.0. This affects an unknown pa…

Medium

CVE-2025-3241

A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4.2.0. This affects an u…