7 matches found
CVE-2025-25590
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml...
CVE-2025-25590
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml...
CVE-2025-25590
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml...
CVE-2025-25590
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml...
CVE-2025-25590
CVE-2025-25590 affects yimioa prior to v2024.07.04, with a SQL injection vulnerability in the component /mapper/xml/AddressDao.xml. The available data confirms the issue and its root cause (SQL injection in AddressDao.xml) without detailing a fixed version or patch. CVSS 3.1 base score is 6.1 (Me...
CVE-2025-1227 ywoa AddressDao.xml selectList sql injection
A vulnerability was found in ywoa up to 2024.07.03. It has been rated as critical. This issue affects the function selectList of the file com/cloudweb/oa/mapper/xml/AddressDao.xml. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...
PT-2025-6863 · Ywoa · Ywoa
Name of the Vulnerable Software and Affected Versions: ywoa versions up to 2024.07.03 Description: A critical issue affects the function selectList of the file com/cloudweb/oa/mapper/xml/AddressDao.xml, leading to SQL injection. The attack may be initiated remotely. Recommendations: Upgrading to...