Lucene search

19139 matches found

Cvelist
added 2025/12/26 1:32 a.m. | 32 views

CVE-2025-15094 sunkaifei FlyCMS User Login UserController.java userLogin cross site scripting

A weakness has been identified in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The impacted element is the function userLogin of the file src/main/java/com/flycms/web/front/UserController.java of the component User Login. Executing a manipulation of the argument redirectUrl ca...

CVSS 5.3 | EPSS 0.00354
Exploits: 1 | References: 5
NVD
added 2025/12/26 1:15 a.m. | 4 views

CVE-2025-15093

A security flaw has been discovered in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The affected element is an unknown function of the file src/main/java/com/flycms/web/system/IndexAdminController.java of the component Admin Login. Performing a manipulation of the argument...

CVSS 6.1 | EPSS 0.00365
Exploits: 1 | References: 5
OSV
added 2025/12/26 1:15 a.m. | 2 views

CVE-2025-15093

A security flaw has been discovered in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The affected element is an unknown function of the file src/main/java/com/flycms/web/system/IndexAdminController.java of the component Admin Login. Performing a manipulation of the argument...

CVSS 6.1 | AI score 4 | EPSS 0.00365
Exploits: 1 | References: 5
ATTACKERKB
added 2025/12/26 1:2 a.m. | 4 views

CVE-2025-15093

A security flaw has been discovered in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The affected element is an unknown function of the file src/main/java/com/flycms/web/system/IndexAdminController.java of the component Admin Login. Performing a manipulation of the argument...

CVSS 6.1 | AI score 3.9 | EPSS 0.00365
Exploits: 1 | References: 5
Vulnrichment
added 2025/12/26 1:2 a.m. | 3 views

CVE-2025-15093 sunkaifei FlyCMS Admin Login IndexAdminController.java cross site scripting

A security flaw has been discovered in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The affected element is an unknown function of the file src/main/java/com/flycms/web/system/IndexAdminController.java of the component Admin Login. Performing a manipulation of the argument...

CVSS 5.3 | AI score 3.6 | EPSS 0.00365
Exploits: 1 | References: 5
CVE
added 2025/12/26 1:2 a.m. | 13 views

CVE-2025-15093

The CVE-2025-15093 entry concerns sunkaifei FlyCMS, affecting the Admin Login path in IndexAdminController.java. The vulnerability arises from manipulating the redirectUrl argument, enabling cross-site scripting. Impact is remote, with a publicly released exploit noted. The affected scope is desc...

CVSS 6.1 | AI score 3.6 | EPSS 0.00365
Exploits: 1 | References: 5 | Affected Software: 1
CNNVD
added 2025/12/26 12:0 a.m. | 4 views

sunkaifei FlyCms security vulnerability

sunkaifei FlyCms is an open-source application by sunkaifei: a fully open-source, Q&A-based social network building program, similar to Zhihu, developed in Java. A security vulnerability exists in sunkaifei FlyCms, which originates from an incorrect operation of the parameter redirectUrl...

CVSS 6.1 | AI score 4.5 | EPSS 0.00365
Exploits: 1 | References: 6
VulnCheck KEV
added 2025/12/26 12:0 a.m. | 11 views

VulnCheck KEV: CVE-2010-2035

Directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php...

CVSS 7.5 | AI score 6 | EPSS 0.15781
In wild | Exploits: 1 | References: 2
EUVD
added 2025/12/25 9:30 p.m. | 5 views

EUVD-2025-205389

A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2.0.0. This affects the function deductBalance of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java of the component Balance Handler. The manipulation results in improper...

CVSS 5.3 | AI score 6.1 | EPSS 0.00259
Exploits: 0 | References: 5
EUVD
added 2025/12/25 9:2 p.m. | 2 views

EUVD-2025-205394

A security vulnerability has been detected in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function submitOrderPayment of the file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/OrderController.java. Such manipulation of the argument orderSn leads to improper...

CVSS 5.3 | AI score 4.7 | EPSS 0.00231
Exploits: 1 | References: 5
CVE
added 2025/12/25 9:2 p.m. | 10 views

CVE-2025-15087

CVE-2025-15087 affects youlaitech youlai-mall versions 1.0.0–2.0.0. The vulnerability is in OrderController.java, submitOrderPayment, where manipulating the orderSn argument leads to improper authorization. Exploit has been publicly disclosed; remote exploitation is possible, with exploit maturit...

CVSS 5.3 | AI score 4.9 | EPSS 0.00231
Exploits: 1 | References: 4 | Affected Software: 1
Cvelist
added 2025/12/25 8:32 p.m. | 20 views

CVE-2025-15086 youlaitech youlai-mall MemberController.java getMemberByMobile access control

A weakness has been identified in youlaitech youlai-mall 1.0.0/2.0.0. This impacts the function getMemberByMobile of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java. This manipulation causes improper access controls. The attack may be initiated...

CVSS 5.3 | EPSS 0.00258
Exploits: 1 | References: 4
Vulnrichment
added 2025/12/25 8:32 p.m. | 5 views

CVE-2025-15086 youlaitech youlai-mall MemberController.java getMemberByMobile access control

A weakness has been identified in youlaitech youlai-mall 1.0.0/2.0.0. This impacts the function getMemberByMobile of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java. This manipulation causes improper access controls. The attack may be initiated...

CVSS 5.3 | AI score 4.7 | EPSS 0.00258
Exploits: 1 | References: 4
CVE
added 2025/12/25 8:32 p.m. | 10 views

CVE-2025-15086

CVE-2025-15086 affects youlaitech youlai-mall versions 1.0.0–2.0.0. The vulnerability is in the getMemberByMobile function of mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java, causing improper access controls. The issue can be exploited remotely and the exp...

CVSS 5.3 | AI score 6.3 | EPSS 0.00258
Exploits: 1 | References: 4 | Affected Software: 1
OSV
added 2025/12/25 8:15 p.m. | 3 views

CVE-2025-15085

A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2.0.0. This affects the function deductBalance of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java of the component Balance Handler. The manipulation results in improper...

CVSS 8.1 | AI score 5.4 | EPSS 0.00259
Exploits: 0 | References: 4
NVD
added 2025/12/25 8:15 p.m. | 5 views

CVE-2025-15085

A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2.0.0. This affects the function deductBalance of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java of the component Balance Handler. The manipulation results in improper...

CVSS 8.1 | EPSS 0.00259
Exploits: 0 | References: 4
CVE
added 2025/12/25 7:32 p.m. | 11 views

CVE-2025-15085

CVE-2025-15085 affects youlaitech youlai-mall versions 1.0.0–2.0.0 in the Balance Handler component. The issue resides in the function deductBalance inside mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java, causing improper authorization. The description st...

CVSS 8.1 | AI score 6.3 | EPSS 0.00259
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2025/12/25 7:15 p.m. | 2 views

CVE-2025-15084

A vulnerability was identified in youlaitech youlai-mall 1.0.0/2.0.0. The impacted element is the function orderService.payOrder of the file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/OrderController.java of the component Order Payment Handler. The manipulation leads to...

CVSS 3.1 | AI score 5.3 | EPSS 0.00245
Exploits: 1 | References: 4
Vulnrichment
added 2025/12/25 6:32 p.m. | 5 views

CVE-2025-15084 youlaitech youlai-mall Order Payment OrderController.java orderService.payOrder access control

A vulnerability was identified in youlaitech youlai-mall 1.0.0/2.0.0. The impacted element is the function orderService.payOrder of the file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/OrderController.java of the component Order Payment Handler. The manipulation leads to...

CVSS 3.1 | AI score 3.9 | EPSS 0.00245
Exploits: 1 | References: 4
CVE
added 2025/12/25 6:32 p.m. | 8 views

CVE-2025-15084

CVE-2025-15084 affects youlaitech youlai-mall versions 1.0.0–2.0.0, specifically the Order Payment Handler’s OrderController.payOrder in mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/. The root cause is improper access controls in the orderService.payOrder function, enabling ...

CVSS 3.1 | AI score 4.3 | EPSS 0.00245
Exploits: 1 | References: 4 | Affected Software: 1