R1bbit Yimioa

10 CVEs affecting R1bbit Yimioa. Latest disclosed: 2025-03-18. Critical: 0, High: 1.

Top CVEs affecting R1bbit Yimioa
CVESeverityScorePublishedSummary
CVE-2025-25585High7.32025-03-18Incorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024.07.04 allows unauthorized attackers to arbitrarily modify Admin…
CVE-2025-1227Medium6.32025-02-12A vulnerability was found in ywoa up to 2024.07.03. It has been rated as critical. This issue affects the function selectList of the file com/cloudweb/oa/mappe…
CVE-2025-1225Medium6.32025-02-12A vulnerability, which was classified as problematic, has been found in ywoa up to 2024.07.03. This issue affects the function extract of the file c-main/src/m…
CVE-2025-1224Medium6.32025-02-12A vulnerability classified as critical was found in ywoa up to 2024.07.03. This vulnerability affects the function listNameBySql of the file com/cloudweb/oa/ma…
CVE-2025-1216Medium6.32025-02-12A vulnerability, which was classified as critical, has been found in ywoa up to 2024.07.03. This issue affects the function selectNoticeList of the file com/cl…
CVE-2025-25582Medium6.12025-03-18yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the selectNoticeList() method at /xml/OaNoticeMapper.xml.
CVE-2025-25590Medium6.12025-03-18yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml.
CVE-2025-25580Medium6.12025-03-18yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql() method at /xml/UserMapper.xml.
CVE-2025-1226Medium5.32025-02-12A vulnerability was found in ywoa up to 2024.07.03. It has been declared as critical. This vulnerability affects unknown code of the file /oa/setup/setup.jsp…
CVE-2025-25586Medium4.22025-03-18yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via the component /resources/application.yml.