CVE-2025-4260 | zhangyanbo2007 youkefu up to 4.2.0 TemplateController.java impsave dataFile deserialization

Inserito da Angelo Barbosa | Mag 4, 2025 | CVE

A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is the function impsave of the file mwebhandleradminsystemTemplateController.java. The manipulation of the argument dataFile leads to deserialization.

This vulnerability is handled as CVE-2025-4260. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-4260 | zhangyanbo2007 youkefu up to 4.2.0 TemplateController.java impsave dataFile deserialization

Post correlati

CVE-2024-5237 | Campcodes Complete Web-Based School Management System 1.0 timetable_grade_wise.php grade sql injection

CVE-2023-50990 | Tenda i29 1.0.0.5 sysScheduleRebootSet rebootTime buffer overflow

CVE-2024-53588 | iTop VPN 16.0 DLL vpn6 uncontrolled search path

CVE-2024-38441 | Netatalk 3.2.0 etc/afp/directory.c afp_mapname heap-based overflow