2 matches found
CVE-2025-3842
The CVE-2025-3842 entry concerns panhainan DS-Java 1.0, specifically the function uploadUserPic.action in FileUpload.java. The issue arises from manipulation of the fileUpload argument, leading to code injection. The vulnerability is described as exploitable remotely, with public disclosures of t...
CVE-2025-3843
CVE-2025-3843 concerns panhainan DS-Java 1.0, where an unspecified function is vulnerable to cross-site request forgery. The flaw enables remote execution of CSRF conditions, with exploitation reportedly disclosed publicly. The current sources do not specify the exact vulnerable component, versio...