CVE-2025-1227 | ywoa up to 2024.07.03 AddressDao.xml selectList sql injection (IBI7XH)

Inserito da Angelo Barbosa | Feb 11, 2025 | CVE

A vulnerability was found in ywoa up to 2024.07.03. It has been rated as critical. This issue affects the function selectList of the file com/cloudweb/oa/mapper/xml/AddressDao.xml. The manipulation leads to sql injection.

The identification of this vulnerability is CVE-2025-1227. The attack may be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2025-1227 | ywoa up to 2024.07.03 AddressDao.xml selectList sql injection (IBI7XH)

Post correlati

CVE-2024-49906 | Linux Kernel up to 6.11.2 AMD Display pipe_ctx->plane_state null pointer dereference (2002ccb93004/1b686053c06f)

CVE-2024-23289 | Apple watchOS Lock Screen state issue

CVE-2025-20643 | MediaTek MT8893 DA debug messages revealing unnecessary information (MSV-2056 / ALPS09291146)

CVE-2024-4374 | DethemeKit for Elementor Plugin up to 2.1.3 on WordPress Widgets cross site scripting