2 matches found
CVE-2025-25580
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql method at /xml/UserMapper.xml...
CVE-2025-25586
The CVE-2025-25586 entry relates to yimioa with an information disclosure vulnerability via the /resources/application.yml path, affecting versions prior to v2024.07.04. The standard CVSSv3.1 metrics indicate a Medium base score (4.2) with LOCAL attack vector, HIGH attack complexity, and LOW priv...