Vulners
Lucene search
2 matches found
CVE-2025-12008
Authorization bypass through User-Controlled key vulnerability in APPYAP Technology and Information Inc. Yaay Social Media App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Yaay Social Media App: from 3.8.0 through 24102025...
8.8CVSS5.5AI score0.00041EPSS
Exploits0References1
CVE-2025-12008
CVE-2025-12008 describes an authorization bypass (IDOR) in APPYAP Technology and Information Inc.’s Yaay Social Media App, affecting versions 3.8.0 through 24102025. The vulnerability arises from a user-controlled key that defeats access control lists, enabling access to functionality not properl...
8.8CVSS5.8AI score0.00041EPSS
Exploits0References1
20