2 matches found
CVE-2025-5171
The CVE-2025-5171 entry concerns llisoft MTA Maita Training System 4.5. Affected: the file download path through this.fileService.download in com\llisoft\controller\OpenController.java. Root cause: argument url manipulation enables unrestricted upload. Impact: remote attack possible with high sev...
CVE-2025-5170
The CVE-2025-5170 issue affects llisoft MTA Maita Training System version 4.5, specifically the AdminShitiListRequestVo function in com\llisoft\controller\admin\shiti\AdminShitiController.java. The vulnerability arises from improper handling of the stTypeIds argument, enabling SQL injection that ...