Filtered by vendor R1bbit
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-25580 | 1 R1bbit | 1 Yimioa | 2025-06-19 | 6.1 Medium |
| yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql() method at /xml/UserMapper.xml. | ||||
| CVE-2025-25590 | 1 R1bbit | 1 Yimioa | 2025-06-19 | 6.1 Medium |
| yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml. | ||||
| CVE-2025-25585 | 1 R1bbit | 1 Yimioa | 2025-06-19 | 7.3 High |
| Incorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024.07.04 allows unauthorized attackers to arbitrarily modify Administrator passwords. | ||||
| CVE-2025-25582 | 1 R1bbit | 1 Yimioa | 2025-04-02 | 6.1 Medium |
| yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the selectNoticeList() method at /xml/OaNoticeMapper.xml. | ||||
| CVE-2025-25586 | 1 R1bbit | 1 Yimioa | 2025-04-01 | 4.2 Medium |
| yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via the component /resources/application.yml. | ||||
Page 1 of 1.