CVE-2025-11406 | kaifangqian kaifangqian-base up to 7b3faecda13848b3ced6c17c7423b76c5b47b8ab SysUserController.java getAllUsers information disclosure

A vulnerability categorized as problematic has been discovered in kaifangqian kaifangqian-base up to 7b3faecda13848b3ced6c17c7423b76c5b47b8ab. This issue affects the function getAllUsers of the file kaifangqian-parent/kaifangqian-system/src/main/java/com/kaifangqian/modules/system/controller/SysUserController.java. The manipulation results in information disclosure.

This vulnerability is reported as CVE-2025-11406. The attack can be launched remotely. Moreover, an exploit is present.

This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

CVE-2025-11406 | kaifangqian kaifangqian-base up to 7b3faecda13848b3ced6c17c7423b76c5b47b8ab SysUserController.java getAllUsers information disclosure

Post correlati

CVE-2024-10486 | Google for WooCommerce Plugin up to 2.8.6 on WordPress information disclosure

CVE-2024-41703 | LibreChat up to 0.7.4-rc1 access control

CVE-2023-39517 | laurent22 joplin up to 2.12.7 sanitizeHtml cross site scripting (GHSA-2h88-m32f-qh5m)

CVE-2024-6090 | gaizhenbiao ChuanhuChatGPT up to 20240410 resource consumption