19171 matches found

OSV
added 2025/12/26 1:15 a.m. | 3 views

CVE-2025-15093

A security flaw has been discovered in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The affected element is an unknown function of the file src/main/java/com/flycms/web/system/IndexAdminController.java of the component Admin Login. Performing a manipulation of the argument...

CVSS 6.1 | AI score 4 | EPSS 0.00365
Exploits 1 | References 5

ATTACKERKB
added 2025/12/26 1:2 a.m. | 4 views

CVE-2025-15093

A security flaw has been discovered in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The affected element is an unknown function of the file src/main/java/com/flycms/web/system/IndexAdminController.java of the component Admin Login. Performing a manipulation of the argument...

CVSS 6.1 | AI score 3.9 | EPSS 0.00365
Exploits 1 | References 5

Vulnrichment
added 2025/12/26 1:2 a.m. | 3 views

CVE-2025-15093 sunkaifei FlyCMS Admin Login IndexAdminController.java cross site scripting

A security flaw has been discovered in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The affected element is an unknown function of the file src/main/java/com/flycms/web/system/IndexAdminController.java of the component Admin Login. Performing a manipulation of the argument...

CVSS 5.3 | AI score 3.6 | EPSS 0.00365
Exploits 1 | References 5

CVE
added 2025/12/26 1:2 a.m. | 14 views

CVE-2025-15093

The CVE-2025-15093 entry concerns sunkaifei FlyCMS, affecting the Admin Login path in IndexAdminController.java. The vulnerability arises from manipulating the redirectUrl argument, enabling cross-site scripting. Impact is remote, with a publicly released exploit noted. The affected scope is desc...

CVSS 6.1 | AI score 3.6 | EPSS 0.00365
Exploits 1 | References 5 | Affected Software 1

VulnCheck KEV
added 2025/12/26 12:0 a.m. | 12 views

VulnCheck KEV: CVE-2010-2035

Directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php...

CVSS 7.5 | AI score 6 | EPSS 0.15781
In wild | Exploits 1 | References 2

CNNVD
added 2025/12/26 12:0 a.m. | 6 views

sunkaifei FlyCms security vulnerability

sunkaifei FlyCms is an open-source application by sunkaifei: a Zhihu-like, Q&A-based social network building program, fully open source and developed in Java. A security vulnerability exists in sunkaifei FlyCms, which originates from incorrect handling of the parameter redirectUrl...

CVSS 6.1 | AI score 4.5 | EPSS 0.00365
Exploits 1 | References 6

EUVD
added 2025/12/25 9:30 p.m. | 5 views

EUVD-2025-205389

A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2.0.0. This affects the function deductBalance of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java of the component Balance Handler. The manipulation results in improper...

CVSS 5.3 | AI score 6.1 | EPSS 0.00259
Exploits 0 | References 5

EUVD
added 2025/12/25 9:2 p.m. | 2 views

EUVD-2025-205394

A security vulnerability has been detected in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function submitOrderPayment of the file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/OrderController.java. Such manipulation of the argument orderSn leads to improper...

CVSS 5.3 | AI score 4.7 | EPSS 0.00231
Exploits 1 | References 5

CVE
added 2025/12/25 9:2 p.m. | 10 views

CVE-2025-15087

CVE-2025-15087 affects youlaitech youlai-mall versions 1.0.0–2.0.0. The vulnerability is in OrderController.java, submitOrderPayment, where manipulating the orderSn argument leads to improper authorization. Exploit has been publicly disclosed; remote exploitation is possible, with exploit maturit...

CVSS 5.3 | AI score 4.9 | EPSS 0.00231
Exploits 1 | References 4 | Affected Software 1

Cvelist
added 2025/12/25 8:32 p.m. | 20 views

CVE-2025-15086 youlaitech youlai-mall MemberController.java getMemberByMobile access control

A weakness has been identified in youlaitech youlai-mall 1.0.0/2.0.0. This impacts the function getMemberByMobile of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java. This manipulation causes improper access controls. The attack may be initiated...

CVSS 5.3 | EPSS 0.00258
Exploits 1 | References 4

CVE
added 2025/12/25 8:32 p.m. | 10 views

CVE-2025-15086

CVE-2025-15086 affects youlaitech youlai-mall versions 1.0.0–2.0.0. The vulnerability is in the getMemberByMobile function of mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java, causing improper access controls. The issue can be exploited remotely and the exp...

CVSS 5.3 | AI score 6.3 | EPSS 0.00258
Exploits 1 | References 4 | Affected Software 1

Vulnrichment
added 2025/12/25 8:32 p.m. | 5 views

CVE-2025-15086 youlaitech youlai-mall MemberController.java getMemberByMobile access control

A weakness has been identified in youlaitech youlai-mall 1.0.0/2.0.0. This impacts the function getMemberByMobile of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java. This manipulation causes improper access controls. The attack may be initiated...

CVSS 5.3 | AI score 4.7 | EPSS 0.00258
Exploits 1 | References 4

OSV
added 2025/12/25 8:15 p.m. | 3 views

CVE-2025-15085

A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2.0.0. This affects the function deductBalance of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java of the component Balance Handler. The manipulation results in improper...

CVSS 8.1 | AI score 5.4 | EPSS 0.00259
Exploits 0 | References 4

NVD
added 2025/12/25 8:15 p.m. | 5 views

CVE-2025-15085

A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2.0.0. This affects the function deductBalance of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java of the component Balance Handler. The manipulation results in improper...

CVSS 8.1 | EPSS 0.00259
Exploits 0 | References 4

CVE
added 2025/12/25 7:32 p.m. | 11 views

CVE-2025-15085

CVE-2025-15085 affects youlaitech youlai-mall versions 1.0.0–2.0.0 in the Balance Handler component. The issue resides in the function deductBalance inside mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java, causing improper authorization. The description st...

CVSS 8.1 | AI score 6.3 | EPSS 0.00259
Exploits 0 | References 4 | Affected Software 1

OSV
added 2025/12/25 7:15 p.m. | 3 views

CVE-2025-15084

A vulnerability was identified in youlaitech youlai-mall 1.0.0/2.0.0. The impacted element is the function orderService.payOrder of the file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/OrderController.java of the component Order Payment Handler. The manipulation leads to...

CVSS 3.1 | AI score 5.3 | EPSS 0.00245
Exploits 1 | References 4

Vulnrichment
added 2025/12/25 6:32 p.m. | 5 views

CVE-2025-15084 youlaitech youlai-mall Order Payment OrderController.java orderService.payOrder access control

A vulnerability was identified in youlaitech youlai-mall 1.0.0/2.0.0. The impacted element is the function orderService.payOrder of the file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/OrderController.java of the component Order Payment Handler. The manipulation leads to...

CVSS 3.1 | AI score 3.9 | EPSS 0.00245
Exploits 1 | References 4

CVE
added 2025/12/25 6:32 p.m. | 8 views

CVE-2025-15084

CVE-2025-15084 affects youlaitech youlai-mall versions 1.0.0–2.0.0, specifically the Order Payment Handler’s OrderController.payOrder in mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/. The root cause is improper access controls in the orderService.payOrder function, enabling ...

CVSS 3.1 | AI score 4.3 | EPSS 0.00245
Exploits 1 | References 4 | Affected Software 1

SUSE CVE
added 2025/12/25 12:23 a.m. | 3 views

SUSE CVE-2025-68745

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f "scsi: qla2xxx: target: Fix offline port handling and host reset handling" caused two problems: 1. Commands sent to FW, after chip reset got stuck and never freed as ...

CVSS 4.7 | AI score 6.5 | EPSS 0.00158
Exploits 0 | References 7

CNNVD
added 2025/12/25 12:0 a.m. | 4 views

youlai-mall access control error vulnerability

youlai-mall is an open-source full-stack mall system by youlaitech. youlai-mall versions 1.0.0 and 2.0.0 contain an access control error vulnerability, which stems from the Order Payment Handler component file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/ The functio...

CVSS 3.1 | AI score 4.3 | EPSS 0.00245
Exploits 1 | References 5