10 matches found
CVE-2025-57210
Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows attackers to access sensitive information via unspecified vectors...
CVE-2025-57210
Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows attackers to access sensitive information via unspecified vectors...
CVE-2025-12304
A vulnerability has been found in dulaiduwang003 TIME-SEA-PLUS up to fb299162f18498dd9cf17da906886d80a077d53b. This affects the function alipayIsSucceed of the file PayController.java of the component Order Status Handler. The manipulation leads to improper authorization. Remote exploitation of t...
CVE-2025-12304
A vulnerability has been found in dulaiduwang003 TIME-SEA-PLUS up to fb299162f18498dd9cf17da906886d80a077d53b. This affects the function alipayIsSucceed of the file PayController.java of the component Order Status Handler. The manipulation leads to improper authorization. Remote exploitation of t...
CVE-2025-12304 dulaiduwang003 TIME-SEA-PLUS Order Status PayController.java alipayIsSucceed improper authorization
A vulnerability has been found in dulaiduwang003 TIME-SEA-PLUS up to fb299162f18498dd9cf17da906886d80a077d53b. This affects the function alipayIsSucceed of the file PayController.java of the component Order Status Handler. The manipulation leads to improper authorization. Remote exploitation of t...
CVE-2025-12304
TIME-SEA-PLUS (dulaiduwang003) up to fb299162f18498dd9cf17da906886d80a077d53b is affected. The vulnerability resides in the function alipayIsSucceed of PayController.java within the Order Status Handler, caused by improper authorization. Remote exploitation is possible, and the exploit has been d...
CVE-2025-12304 dulaiduwang003 TIME-SEA-PLUS Order Status PayController.java alipayIsSucceed improper authorization
A vulnerability has been found in dulaiduwang003 TIME-SEA-PLUS up to fb299162f18498dd9cf17da906886d80a077d53b. This affects the function alipayIsSucceed of the file PayController.java of the component Order Status Handler. The manipulation leads to improper authorization. Remote exploitation of t...
TIME-SEA-PLUS 授权问题漏洞
TIME-SEA-PLUS is an Ai platform for bdth individual developers. dulaiduwang003 TIME-SEA-PLUS has an authorization issue vulnerability that originates from improper authorization of the function alipayIsSucceed in the file PayController.java, which could lead to a remote attack...
PT-2025-44007
A vulnerability has been found in dulaiduwang003 TIME-SEA-PLUS up to fb299162f18498dd9cf17da906886d80a077d53b. This affects the function alipayIsSucceed of the file PayController.java of the component Order Status Handler. The manipulation leads to improper authorization. Remote exploitation of t...
CVE-2020-19951
A cross-site request forgery CSRF in /controller/pay.class.php of YzmCMS v5.5 allows attackers to access sensitive components of the application...