Lucene search
K
Fuyang LipengjunPlatform

15 matches found

CVE
CVE
added 2025/07/21 7:32 p.m.26 views

CVE-2025-7936

The CVE-2025-7936 entry affects the fuyang_lipengjun platform, specifically the ScheduleJobLogController.java in the queryPage function. The root cause is manipulation of the beanName/methodName argument, enabling SQL injection via a remote attack. Multiple trusted sources note that the exploit h...

8.8CVSS6.8AI score0.00351EPSS
CVE
CVE
added 2025/09/03 11:2 p.m.23 views

CVE-2025-9936

CVE-2025-9936 affects fuyang_lipengjun platform 1.0.0, specifically the AdController function in /ad/queryAll. The root cause is improper authorization allowing remote exploitation. Multiple sources (NVD, Red Hat, CNVD, CVE listings) describe a remotely executable issue with a publicly available ...

5.3CVSS4.8AI score0.00325EPSS
CVE
CVE
added 2025/09/18 4:2 p.m.22 views

CVE-2025-10675

CVE-2025-10675 affects fuyang_lipengjun platform 1.0, specifically the AttributeController handling /attribute/queryAll. The underlying issue is improper authorization in the AttributeController, enabling remote exploitation. Public exploit is reported across sources, indicating active risk. Conn...

5.3CVSS4.8AI score0.00325EPSS
CVE
CVE
added 2025/09/18 4:2 p.m.20 views

CVE-2025-10676

The CVE-2025-10676 entry concerns the fuyang_lipengjun platform 1.0, specifically the BrandController function in /brand/queryAll. The connected documents describe an improper authorization vulnerability that can be exploited remotely, with publicly available exploit code. The issue affects the B...

5.3CVSS4.9AI score0.00325EPSS
CVE
CVE
added 2025/09/22 10:32 p.m.20 views

CVE-2025-10820

CVE-2025-10820 affects the fuyang_lipengjun platform 1.0, specifically the TopicController function in /topic/queryAll. The vulnerability results from improper authorization, enabling remote exploitation. Public exploits exist, and multiple sources (Red Hat, CVEs and vulnerability trackers) corro...

5.3CVSS5AI score0.00336EPSS
CVE
CVE
added 2025/09/22 11:2 p.m.20 views

CVE-2025-10821

CVE-2025-10821 affects fuyang_lipengjun platform 1.0. The vulnerable element is TopicCategoryController in /topiccategory/queryAll, causing improper authorization. This allows remote attacks; exploits have been published and may be used. According to provided metrics, CVSS details indicate MEDIUM...

5.3CVSS4.8AI score0.00325EPSS
CVE
CVE
added 2025/07/21 6:32 p.m.20 views

CVE-2025-7934

CVE-2025-7934 affects the fuyang_lipengjun platform, specifically the ScheduleJobController.queryPage function in platform-schedule/src/main/java/com/platform/controller/ScheduleJobController.java. The root cause is manipulation of the beanName argument, which leads to a SQL injection vulnerabili...

8.8CVSS7.4AI score0.00416EPSS
CVE
CVE
added 2025/09/18 3:32 p.m.19 views

CVE-2025-10674

CVE-2025-10674 affects the fuyang_lipengjun platform v1.0, specifically the AttributeCategoryController at /attributecategory/queryAll. The vulnerability is described as improper authorization that can be exploited remotely, with public exploit material available. Connected sources corroborate th...

5.3CVSS5AI score0.00325EPSS
CVE
CVE
added 2025/09/22 11:32 p.m.19 views

CVE-2025-10822

CVE-2025-10822 affects the fuyang_lipengjun platform version 1.0, specifically the SysSmsLogController in /sys/smslog/queryAll. The root cause is improper authorization, allowing potential remote exploitation. Public disclosures exist and exploit maturity is noted as PROOF-OF-CONCEPT in some sour...

5.3CVSS6.3AI score0.00325EPSS
CVE
CVE
added 2025/09/22 10:32 p.m.18 views

CVE-2025-10819

The CVE-2025-10819 entry affects the fuyang_lipengjun platform 1.0, specifically the UserCouponController function in /usercoupon/queryAll. The root cause is improper authorization, enabling remote exploitation. Public exploit details are present in the records, with CVSS data indicating medium s...

5.3CVSS4.7AI score0.00336EPSS
CVE
CVE
added 2025/09/08 6:2 a.m.17 views

CVE-2025-10086

CVE-2025-10086 affects fuyang_lipengjun platform 1.0.0. The vulnerability is in the AdPositionController's /adposition/queryAll function, causing improper authorization. It can be triggered remotely and exploitable publicly; CVSS data suggests MEDIUM impact with network access and low privileges ...

6.5CVSS6.6AI score0.00296EPSS
CVE
CVE
added 2025/07/21 7:2 p.m.16 views

CVE-2025-7935

The CVE-2025-7935 entry concerns the fuyang_lipengjun platform, specifically the SysLogController.java in platform-admin/src/main/java/com/platform/controller. The root cause is manipulation of the argument key that enables SQL injection, with remote exploitation reported. Public disclosure of th...

8.8CVSS7.6AI score0.00416EPSS
CVE
CVE
added 2025/12/04 12:0 a.m.14 views

CVE-2025-57213

CVE-2025-57213 affects platform v1.0.0. The vulnerability arises from incorrect access control in the component orderService.queryObject, enabling an attacker to access sensitive information via a crafted request. Current documents do not specify the affected software family beyond platform v1.0....

7.5CVSS6.1AI score0.00251EPSS
CVE
CVE
added 2025/12/04 12:0 a.m.12 views

CVE-2025-57210

CVE-2025-57210 affects platform v1.0.0 due to incorrect access control in the ApiPayController.java component. The Red Hat/CNNVD/NVD-family entries corroborate a vulnerability allowing access to sensitive information via unspecified vectors. The NVD/CVE metrics indicate a high-severity issue (CVS...

7.5CVSS6.2AI score0.00251EPSS
CVE
CVE
added 2025/12/04 12:0 a.m.11 views

CVE-2025-57212

CVE-2025-57212 affects platform v1.0.0 in the ApiOrderService.java component, where improper access control may allow an attacker to disclose sensitive information via a crafted request. Evidence across multiple sources confirms the same description without additional exploit details. The vulnera...

7.5CVSS6.1AI score0.00251EPSS