VYPR
Vendor

yimioa

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2022-36605CriAug 19, 2022
    risk 0.64cvss 9.8epss 0.01

    Yimioa v6.1 was discovered to contain a SQL injection vulnerability via the orderbyGET parameter.

  • CVE-2025-25586Mar 18, 2025
    risk 0.00cvss epss 0.00

    yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via the component /resources/application.yml.

  • CVE-2025-25590Mar 18, 2025
    risk 0.00cvss epss 0.00

    yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml.

  • CVE-2025-25585Mar 18, 2025
    risk 0.00cvss epss 0.00

    Incorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024.07.04 allows unauthorized attackers to arbitrarily modify Administrator passwords.

  • CVE-2025-25582Mar 18, 2025
    risk 0.00cvss epss 0.00

    yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the selectNoticeList() method at /xml/OaNoticeMapper.xml.

  • CVE-2025-25580Mar 18, 2025
    risk 0.00cvss epss 0.00

    yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql() method at /xml/UserMapper.xml.