CVE-2025-10086 | fuyang_lipengjun platform 1.0.0 AdPositionController /adposition/queryAll improper authorization

Inserito da Angelo Barbosa | Set 7, 2025 | CVE

A vulnerability was found in fuyang_lipengjun platform 1.0.0. It has been classified as critical. This issue affects the function queryAll of the file /adposition/queryAll of the component AdPositionController. This manipulation causes improper authorization.

This vulnerability is handled as CVE-2025-10086. The attack can be initiated remotely. Additionally, an exploit exists.

Affects another part than CVE-2025-9936.

CVE-2025-10086 | fuyang_lipengjun platform 1.0.0 AdPositionController /adposition/queryAll improper authorization

Post correlati

CVE-2024-52026 | Netgear XR300/R6400/R7000P HTTP POST Request bsw_pppoe.cgi pppoe_localip stack-based overflow

CVE-2024-50653 | CRMEB up to 5.4.0 access control

CVE-2024-42391 | Cesanta Mongoose Web Server up to 7.14 TLS Packet out-of-range pointer offset

CVE-2023-50264 | morpheus65535 bazarr up to 1.3.0 /system/backup/download/ send_file filename path traversal (GHSL-2023-192)