EUVD-2025-10399

Malicious code in bioql PyPI...

CVE-2025-6925 Dromara RuoYi-Vue-Plus Mail MailController.java path traversal

A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath...

CVE-2025-6925

The CVE-2025-6925 entry affects Dromara RuoYi-Vue-Plus 5.4.0. The Mail Handler’s MailController.java exposes a vulnerability via manipulation of the filePath argument, causing path traversal. The issue is exploitable remotely and has publicly disclosed proof-of-concept information; vendor respons...

CVE-2025-3392 hailey888 oa_system Backend MailController.java save cross site scripting

A vulnerability was found in hailey888 oasystem up to 2025.01.01 and classified as problematic. Affected by this issue is the function Save of the file cn/gson/oasys/controller/mail/MailController.java of the component Backend. The manipulation of the argument MailNumberId leads to cross site...

oa_system 安全漏洞

oasystem is a hailey individual developer's application for the day-to-day operation and management of organizations, used by employees and managers. A security vulnerability exists in oasystem version 2025.01.01 and earlier, which stems from improper handling of the MailNumberId parameter in...

PT-2025-15312 · Unknown · Hailey888 Oa System

Name of the Vulnerable Software and Affected Versions: hailey888 oa system versions up to 2025.01.01 Description: A vulnerability was found in the hailey888 oa system, classified as problematic. The issue affects the function Save of the file cn/gson/oasys/controller/mail/MailController.java of t...