CVE-2025-0408 | liujianview gymxmjpa 1.0 LoosController.java LoosDaoImpl loosName sql injection

Posted by Angelo Barbosa | Jan 12, 2025 | CVE

A vulnerability was found in liujianview gymxmjpa 1.0. It has been rated as critical. Affected by this issue is the function LoosDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/LoosController.java. The manipulation of the argument loosName leads to sql injection.

This vulnerability is handled as CVE-2025-0408. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-0408 | liujianview gymxmjpa 1.0 LoosController.java LoosDaoImpl loosName sql injection

Related Posts

CVE-2024-47124 | goTenna Pro Series up to 1.6.1 Callsign cleartext transmission (icsa-24-270-04)

CVE-2024-23031 | EyouCMS 1.6.5 URL is_water cross site scripting (Issue 57)

CVE-2024-5574 | codevibrant WP Magazine Modules Lite Plugin up to 1.1.2 on WordPress blockLayout filename control

CVE-2024-34047 | O-RAN RIC I-Release e2mgr RicServiceUpdateHandler array index