Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/07 3:5 a.m.25 views

CVE-2025-4260

A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is the function impsave of the file m\web\handler\admin\system\TemplateController.java. The manipulation of the argument dataFile leads to deserialization. The attack may be...

5.3CVSS7.2AI score0.00562EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/05 2:31 a.m.20 views

CVE-2025-4260 zhangyanbo2007 youkefu TemplateController.java impsave deserialization

A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is the function impsave of the file m\web\handler\admin\system\TemplateController.java. The manipulation of the argument dataFile leads to deserialization. The attack may be...

5.3CVSS0.00562EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/05/05 2:31 a.m.7 views

CVE-2025-4260 zhangyanbo2007 youkefu TemplateController.java impsave deserialization

A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is the function impsave of the file m\web\handler\admin\system\TemplateController.java. The manipulation of the argument dataFile leads to deserialization. The attack may be...

5.3CVSS6.9AI score0.00562EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/04/10 4:6 a.m.12 views

CVE-2025-3381

A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu 4.2.0. This affects an unknown part of the file WebIMController.java of the component File Upload. The manipulation of the argument ID leads to path traversal. It is possible to initiate the attack remotely. Th...

6.5CVSS6.9AI score0.00904EPSS
Exploits1References1
NVD
NVD
added 2025/04/07 8:15 p.m.8 views

CVE-2025-3381

A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu 4.2.0. This affects an unknown part of the file WebIMController.java of the component File Upload. The manipulation of the argument ID leads to path traversal. It is possible to initiate the attack remotely. Th...

9.8CVSS0.00904EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/04/07 7:31 p.m.16 views

CVE-2025-3381 zhangyanbo2007 youkefu File Upload WebIMController.java path traversal

A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu 4.2.0. This affects an unknown part of the file WebIMController.java of the component File Upload. The manipulation of the argument ID leads to path traversal. It is possible to initiate the attack remotely. Th...

6.5CVSS0.00904EPSS
Exploits1References4
CVE
CVE
added 2025/04/04 11:0 a.m.64 views

CVE-2025-3241

The CVE-2025-3241 entry concerns youkefu (zhangyanbo2007) up to version 4.2.0, focusing on the XML Document Handler’s CallCenterRouterController.java. The root cause is manipulation of the routercontent argument triggering an XML External Entity (XXE) reference, enabling remote initiation of an a...

9.8CVSS6.4AI score0.00579EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2025/03/31 2:15 p.m.14 views

CVE-2025-2997

A vulnerability was found in zhangyanbo2007 youkefu 4.2.0. It has been classified as critical. Affected is an unknown function of the file /res/url. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been...

8.8CVSS0.00484EPSS
Exploits1References4
CVE
CVE
added 2025/03/31 1:31 p.m.72 views

CVE-2025-2997

CVE-2025-2997 affects youkefu 4.2.0 (zhangyanbo2007). The vulnerability is triggered by manipulation of the url argument in the /res/url function, leading to server-side request forgery. The issue is exploitable remotely and has been disclosed publicly. The connected documents confirm the root ca...

8.8CVSS6.5AI score0.00484EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder