Yimioa Security Vulnerabilities and Issues — Yimioa CVE List

Lucene search

R1bbitYimioa

5 matches found

CVE•added 2025/03/18 4:15 p.m.•40 views

CVE-2025-25586

yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via the component /resources/application.yml.

4.2CVSS6.7AI score0.00022EPSS

CVE•added 2025/03/18 3:16 p.m.•39 views

CVE-2025-25585

Incorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024.07.04 allows unauthorized attackers to arbitrarily modify Administrator passwords.

7.3CVSS6.5AI score0.00025EPSS

CVE•added 2025/03/18 4:15 p.m.•36 views

CVE-2025-25582

yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the selectNoticeList() method at /xml/OaNoticeMapper.xml.

6.1CVSS7.9AI score0.00029EPSS

CVE•added 2025/03/18 3:16 p.m.•34 views

CVE-2025-25590

yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml.

6.1CVSS7.9AI score0.00029EPSS

CVE•added 2025/03/18 3:16 p.m.•32 views

CVE-2025-25580

yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql() method at /xml/UserMapper.xml.

6.1CVSS7.9AI score0.00029EPSS