Every CVE whose affected-product data names R1bbit Yimioa, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2025-25585 — CVSS 7.3 (high): Incorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024.07.04 allows unauthorized attackers to…
CVE-2025-1224 — CVSS 6.3 (medium): A vulnerability classified as critical was found in ywoa up to 2024.07.03. This vulnerability affects the function listNameBySql of the…
CVE-2025-1225 — CVSS 6.3 (medium): A vulnerability, which was classified as problematic, has been found in ywoa up to 2024.07.03. This issue affects the function extract of…
CVE-2025-1216 — CVSS 6.3 (medium): A vulnerability, which was classified as critical, has been found in ywoa up to 2024.07.03. This issue affects the function…
CVE-2025-1227 — CVSS 6.3 (medium): A vulnerability was found in ywoa up to 2024.07.03. It has been rated as critical. This issue affects the function selectList of the file…
CVE-2025-25590 — CVSS 6.1 (medium): yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml.
CVE-2025-25580 — CVSS 6.1 (medium): yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql() method at /xml/UserMapper.xml.
CVE-2025-25582 — CVSS 6.1 (medium): yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the selectNoticeList() method at…
CVE-2025-1226 — CVSS 5.3 (medium): A vulnerability was found in ywoa up to 2024.07.03. It has been declared as critical. This vulnerability affects unknown code of the file…
CVE-2025-25586 — CVSS 4.2 (medium): yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via the component /resources/application.yml.