CVE-2025-3381

Medium CVSS: 5.3

A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu 4.2.0. This affects an unknown part of the file WebIMController.java of the component File Upload. The manipulation of the argument ID leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Vendor

Zhangyanbo2007

Product

Youkefu

CWE

CWE-22

Yayın Tarihi

2025-04-07 20:15:21

Güncelleme

2025-10-10 12:44:31

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-22 Youkefu MEDIUM Zhangyanbo2007 2025

Referanslar

https://github.com/mapl3miss/uckefuVul/blob/main/uckefu-upload.md https://vuldb.com/?ctiid.303627 https://vuldb.com/?id.303627 https://vuldb.com/?submit.552369 https://github.com/mapl3miss/uckefuVul/blob/main/uckefu-upload.md

Benzer Kayıtlar

Medium

CVE-2025-4260

A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is…

Medium

CVE-2025-4258

A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu up to 4.2.0. Affected is the func…

Medium

CVE-2025-3241

A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4.2.0. This affects an u…

Medium

CVE-2025-2997

A vulnerability was found in zhangyanbo2007 youkefu 4.2.0. It has been classified as critical. Affected is an unknown fu…