306 matches found
CVE-2025-3957
A vulnerability was found in opplus springboot-admin 1.0 and classified as critical. This issue affects some unknown processing of the file \src\main\resources\mapper\sys\SysLogDao.xml. The manipulation of the argument order leads to sql injection. The attack may be initiated remotely. The exploi...
CVE-2025-3957
A vulnerability was found in opplus springboot-admin 1.0 and classified as critical. This issue affects some unknown processing of the file \src\main\resources\mapper\sys\SysLogDao.xml. The manipulation of the argument order leads to sql injection. The attack may be initiated remotely. The exploi...
CVE-2025-3957
The CVE-2025-3957 entry concerns opplus springboot-admin 1.0, affecting the SysLogDao.xml file where the argument order can be manipulated to trigger a SQL injection. Multiple connected sources confirm remote-exploitation potential and public disclosure of the exploit. The Red Hat and PT Security...
CVE-2025-3957 opplus springboot-admin SysLogDao.xml sql injection
A vulnerability was found in opplus springboot-admin 1.0 and classified as critical. This issue affects some unknown processing of the file \src\main\resources\mapper\sys\SysLogDao.xml. The manipulation of the argument order leads to sql injection. The attack may be initiated remotely. The exploi...
CVE-2025-3957 opplus springboot-admin SysLogDao.xml sql injection
A vulnerability was found in opplus springboot-admin 1.0 and classified as critical. This issue affects some unknown processing of the file \src\main\resources\mapper\sys\SysLogDao.xml. The manipulation of the argument order leads to sql injection. The attack may be initiated remotely. The exploi...
PT-2025-17981 · Unknown · Opplus Springboot-Admin
Name of the Vulnerable Software and Affected Versions: opplus springboot-admin version 1.0 Description: A critical issue affects the processing of the file SysLogDao.xml. The manipulation of the argument order leads to SQL injection. The attack may be initiated remotely. Recommendations: For oppl...
CVE-2025-3849
A vulnerability classified as problematic was found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This vulnerability affects unknown code of the file /api/studentPWD. The manipulation of the argument studentId leads to unverified password change. The attack can be initiated remotely. The exploit has...
CVE-2025-3849
A vulnerability classified as problematic was found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This vulnerability affects unknown code of the file /api/studentPWD. The manipulation of the argument studentId leads to unverified password change. The attack can be initiated remotely. The exploit has...
CVE-2025-3850 YXJ2018 SpringBoot-Vue-OnlineExam API improper authentication
A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This issue affects some unknown processing of the component API. The manipulation leads to improper authentication. The attack may be initiated remotely. The complexity of an attack is...
CVE-2025-3850 YXJ2018 SpringBoot-Vue-OnlineExam API improper authentication
A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This issue affects some unknown processing of the component API. The manipulation leads to improper authentication. The attack may be initiated remotely. The complexity of an attack is...
SpringBoot-Vue-OnlineExam 授权问题漏洞
SpringBoot-Vue-OnlineExam is an online exam system by Yu Personal Developers. An authorization issue vulnerability exists in SpringBoot-Vue-OnlineExam version 1.0, which stems from improper authentication issues with certain processing of the component API...
CVE-2025-3849 YXJ2018 SpringBoot-Vue-OnlineExam studentPWD unverified password change
A vulnerability classified as problematic was found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This vulnerability affects unknown code of the file /api/studentPWD. The manipulation of the argument studentId leads to unverified password change. The attack can be initiated remotely. The exploit has...
CVE-2025-3849 YXJ2018 SpringBoot-Vue-OnlineExam studentPWD unverified password change
A vulnerability classified as problematic was found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This vulnerability affects unknown code of the file /api/studentPWD. The manipulation of the argument studentId leads to unverified password change. The attack can be initiated remotely. The exploit has...
CVE-2025-3849
CVE-2025-3849 affects YXJ2018 SpringBoot-Vue-OnlineExam 1.0 with a vulnerability in the file /api/studentPWD. The manipulation of the parameter studentId enables an unverified password change, and the attack can be initiated remotely. Public reports/entries confirm the existence of this issue acr...
PT-2025-17471 · Unknown · Yxj2018 Springboot-Vue-Onlineexam
Name of the Vulnerable Software and Affected Versions: YXJ2018 SpringBoot-Vue-OnlineExam version 1.0 Description: A vulnerability was found in YXJ2018 SpringBoot-Vue-OnlineExam, affecting unknown code of the file "/api/studentPWD". The manipulation of the studentId argument leads to unverified...
SpringBoot-Vue-OnlineExam 安全漏洞
SpringBoot-Vue-OnlineExam is an online exam system by Yu Personal Developer. A security vulnerability exists in SpringBoot-Vue-OnlineExam version 1.0, which stems from an unauthenticated password change due to manipulation of the studentId parameter in file/api/studentPWD...
CVE-2025-3413
A vulnerability has been found in opplus springboot-admin up to a2d5310f44fd46780a8686456cf2f9001ab8f024 and classified as critical. Affected by this vulnerability is the function code of the file SysGeneratorController.java. The manipulation of the argument Tables leads to deserialization. The...
CVE-2025-3393
A vulnerability was found in mrcen springboot-ucan-admin up to 5f35162032cbe9288a04e429ef35301545143509. It has been classified as problematic. This affects an unknown part of the file /ucan-admin/index of the component Personal Settings Interface. The manipulation leads to cross site scripting. ...
CVE-2025-3413
A vulnerability has been found in opplus springboot-admin up to a2d5310f44fd46780a8686456cf2f9001ab8f024 and classified as critical. Affected by this vulnerability is the function code of the file SysGeneratorController.java. The manipulation of the argument Tables leads to deserialization. The...
CVE-2025-3413
A vulnerability has been found in opplus springboot-admin up to a2d5310f44fd46780a8686456cf2f9001ab8f024 and classified as critical. Affected by this vulnerability is the function code of the file SysGeneratorController.java. The manipulation of the argument Tables leads to deserialization. The...