9 matches found
EUVD-2025-13430
Malicious code in bioql PyPI...
CVE-2025-45608
Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload...
CVE-2025-45608
Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload...
CVE-2025-45608
Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload...
xinguan 安全漏洞
xinguan is a new crown material management system by zykzhangyukang Individual Developer. A security vulnerability exists in xinguan version v0.0.1, which stems from improper access control of the /system/user/findUserList API, which could lead to access to sensitive information...
CVE-2025-45608
Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload...
CVE-2025-45608
Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload...
PT-2025-19776 · Xinguan · Xinguan
Name of the Vulnerable Software and Affected Versions: Xinguan version 0.0.1-SNAPSHOT Description: The issue is related to incorrect access control in the "/system/user/findUserList" API endpoint, which allows attackers to access sensitive information by sending a crafted payload. Recommendations...
CVE-2025-45608
Summary : CVE-2025-45608 affects Xinguan v0.0.1-SNAPSHOT, where the /system/user/findUserList API has incorrect access control, enabling attackers to access sensitive information via a crafted payload. The vulnerability is described consistently across NVD/Red Hat/CVE/CNNVD-style records and thir...