CVE-2025-62720

LinkAce is a self-hosted archive to collect website links. Versions 2.3.1 and below allow any authenticated user to export the entire database of links from all users in the system, including private links that should only be accessible to their owners. The HTML and CSV export functions in the...

CVE-2025-62720

CVE-2025-62720 affects the LinkAce self-hosted archive. The vulnerability lies in the ExportController HTML/CSV export paths, which retrieve all links without applying ownership or visibility filtering, enabling any authenticated user to exfiltrate private links from all users. Affected versions ...

LinkAce 访问控制错误漏洞

LinkAce is a self-hosted archive of links to your favorite websites by Kevin Woblick Individual Developer. An Access Control Error vulnerability exists in LinkAce 2.3.1 and prior versions, which stems from the HTML and CSV export functionality in the ExportController class not applying ownership ...

CVE-2025-60269

JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExportExcelController.java file...