Lucene search
K

4 matches found

Circl
Circl
added 2025/02/12 7:37 p.m.7 views

CVE-2025-1224

creationtimestamp| type| source ---|---|--- 2025-02-12 19:37:55+00:00| seen| https://infosec.exchange/users/cve/statuses/113992602398671772 2025-02-12 20:16:01+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhyyi56a632x 2025-02-12 22:45:20+00:00| seen|...

8.8CVSS6.2AI score0.00406EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/02/12 7:31 p.m.16 views

CVE-2025-1224 ywoa UserMapper.xml listNameBySql sql injection

A vulnerability classified as critical was found in ywoa up to 2024.07.03. This vulnerability affects the function listNameBySql of the file com/cloudweb/oa/mapper/xml/UserMapper.xml. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...

6.5CVSS0.00406EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/02/12 7:31 p.m.8 views

CVE-2025-1224 ywoa UserMapper.xml listNameBySql sql injection

A vulnerability classified as critical was found in ywoa up to 2024.07.03. This vulnerability affects the function listNameBySql of the file com/cloudweb/oa/mapper/xml/UserMapper.xml. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...

6.5CVSS7.4AI score0.00406EPSS
Exploits1References3
CVE
CVE
added 2025/02/12 7:31 p.m.64 views

CVE-2025-1224

CVE-2025-1224 affects the ywoa system (up to 2024.07.03) with an SQL injection in the function listNameBySql of com/cloudweb/oa/mapper/xml/UserMapper.xml. The vulnerability arises from how the SQL is constructed in listNameBySql, allowing remote attackers to manipulate queries. Public disclosures...

8.8CVSS7.5AI score0.00406EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder