47 matches found
EUVD-2022-39309
Malicious code in bioql PyPI...
EUVD-2025-6695
Malicious code in bioql PyPI...
CVE-2022-36605
Yimioa v6.1 was discovered to contain a SQL injection vulnerability via the orderbyGET parameter...
CVE-2025-25582
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the selectNoticeList method at /xml/OaNoticeMapper.xml...
CVE-2025-25586
yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via the component /resources/application.yml...
CVE-2025-25580
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql method at /xml/UserMapper.xml...
CVE-2025-25590
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml...
CVE-2025-25589
An XML external entity XXE injection vulnerability in the component /weixin/aes/XMLParse.java of yimioa before v2024.07.04 allows attackers to execute arbitrary code via supplying a crafted XML file...
CVE-2025-25586
yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via the component /resources/application.yml...
CVE-2025-25589
An XML external entity XXE injection vulnerability in the component /weixin/aes/XMLParse.java of yimioa before v2024.07.04 allows attackers to execute arbitrary code via supplying a crafted XML file...
CVE-2025-25586
yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via the component /resources/application.yml...
CVE-2025-25582
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the selectNoticeList method at /xml/OaNoticeMapper.xml...
CVE-2025-25582
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the selectNoticeList method at /xml/OaNoticeMapper.xml...
CVE-2025-25590
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml...
CVE-2025-25580
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql method at /xml/UserMapper.xml...
CVE-2025-25585
Incorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024.07.04 allows unauthorized attackers to arbitrarily modify Administrator passwords...
CVE-2025-25590
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml...
yimioa 安全漏洞
yimioa CloudNet OA is a locally deployed OA software by rabbit individual developers. A security vulnerability exists in yimioa versions prior to v2024.07.04, which stems from an SQL injection in the listNameBySql method...
CVE-2025-25589
An XML external entity XXE injection vulnerability in the component /weixin/aes/XMLParse.java of yimioa before v2024.07.04 allows attackers to execute arbitrary code via supplying a crafted XML file...
CVE-2025-25582
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the selectNoticeList method at /xml/OaNoticeMapper.xml...