15 matches found
CVE-2025-0345
A vulnerability was found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this issue is the function listData of the file /sys/menu/listData. The manipulation of the argument order leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...
CVE-2025-0344
A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /commpara/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been...
CVE-2024-57769
JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component borrowmoney/listData?applyUser...
CVE-2024-57769
CVE-2024-57769 affects JFinalOA prior to 2025.01.01, where a SQL injection flaw exists in the component borrowmoney/listData?applyUser . The issue is caused by improper handling of user input in this endpoint, enabling high-severity (C/H, I/H, A/H) impact per CVSS 3.1 with NETWORK attack vector, ...
CVE-2024-57769
JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component borrowmoney/listData?applyUser...
CVE-2025-0345
A vulnerability was found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this issue is the function listData of the file /sys/menu/listData. The manipulation of the argument order leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...
CVE-2025-0345
CVE-2025-0345 affects leiyuxi cy-fast 1.0. The vulnerable component is the function listData in /sys/menu/listData, where misordering of arguments enables SQL injection. Exploitation is described as remote, and public disclosures exist. Current connected sources confirm the vulnerability, its rem...
CVE-2025-0344 leiyuxi cy-fast listData sql injection
A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /commpara/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been...
CVE-2025-0334
A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /sys/user/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been...
CVE-2025-0333
A vulnerability, which was classified as critical, was found in leiyuxi cy-fast 1.0. Affected is the function listData of the file /sys/role/listData. The manipulation of the argument order leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2025-0333 leiyuxi cy-fast listData sql injection
A vulnerability, which was classified as critical, was found in leiyuxi cy-fast 1.0. Affected is the function listData of the file /sys/role/listData. The manipulation of the argument order leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
PT-2025-3830 · Unknown · Leiyuxi Cy-Fast
Name of the Vulnerable Software and Affected Versions: leiyuxi cy-fast version 1.0 Description: A critical vulnerability was found in the function listData of the file /sys/role/listData. The manipulation of the argument order leads to SQL injection. It is possible to launch the attack remotely...
PT-2025-3840 · Unknown · Leiyuxi Cy-Fast
Name of the Vulnerable Software and Affected Versions: leiyuxi cy-fast version 1.0 Description: A critical vulnerability exists in the listData function within the /sys/menu/listData file. Manipulation of the argument order leads to a SQL injection, potentially allowing for remote attacks. The...
PT-2025-3831 · Unknown · Leiyuxi Cy-Fast
Name of the Vulnerable Software and Affected Versions: leiyuxi cy-fast version 1.0 Description: A critical vulnerability exists in the listData function of the /sys/user/listData file. Manipulation of the argument order leads to SQL injection, allowing for remote attacks. The exploit has been...
PT-2025-3839 · Unknown · Leiyuxi Cy-Fast
Name of the Vulnerable Software and Affected Versions: leiyuxi cy-fast version 1.0 Description: A critical vulnerability exists in the listData function within the /commpara/listData file. Manipulation of the argument order leads to a SQL injection, which can be exploited remotely. The exploit fo...