CVE-2025-9461 | diyhi bbs up to 6.8 File Compression FilePackageManageAction.java idGroup information disclosure

Inserito da Angelo Barbosa | Ago 25, 2025 | CVE

A vulnerability identified as problematic has been detected in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure.

This vulnerability is registered as CVE-2025-9461. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2025-9461 | diyhi bbs up to 6.8 File Compression FilePackageManageAction.java idGroup information disclosure

Post correlati

CVE-2024-57898 | Linux Kernel up to 6.12.8 cfg80211_cac_event Privilege Escalation

CVE-2024-7465 | TOTOLINK CP450 4.1.0cu.747_B20191224 /cgi-bin/cstecgi.cgi loginauth http_host buffer overflow

CVE-2024-29432 | Alldata 0.4.6 /data/masterdata/datas tablename sql injection

CVE-2024-2211 | Gophish 0.12.1 cross site scripting