CVE-2025-14051

A flaw has been found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function getById/updateAddress/deleteAddress of the file /mall-ums/app-api/v1/addresses/. Executing manipulation can lead to improper control of dynamically-identified variables. The attack can be executed remotely. The...

CVE-2025-14051

A flaw has been found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function getById/updateAddress/deleteAddress of the file /mall-ums/app-api/v1/addresses/. Executing manipulation can lead to improper control of dynamically-identified variables. The attack can be executed remotely. The...

PT-2025-49171

Name of the Vulnerable Software and Affected Versions youlaitech youlai-mall versions 1.0.0 through 2.0.0 Description A flaw exists in youlaitech youlai-mall versions 1.0.0 through 2.0.0 related to improper control of dynamically-identified variables. The issue is present in the getById,...

CVE-2025-8185

A vulnerability was found in 1000 Projects ABC Courier Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /getbyid.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...

PT-2024-8733 · Timgeyssens · Uiomatic

Name of the Vulnerable Software and Affected Versions: TimGeyssens UIOMatic version 5 Description: A critical vulnerability has been found in the file /src/UIOMatic/wwwroot/backoffice/resources/uioMaticObject.r, which can lead to SQL injection. The attack can be initiated remotely. The exploit ha...