📦 Platform

This vulnerability allows attackers to bypass access controls in the ApiPayController component of platform v1.0.0, potentially exposing sensitive information. Any system running the vulnerable versio...

This vulnerability in the ApiOrderService.java component of platform v1.0.0 allows attackers to bypass access controls and retrieve sensitive information through specially crafted requests. It affects...

This vulnerability allows attackers to bypass access controls in the orderService.queryObject component of platform v1.0.0, enabling unauthorized access to sensitive information. Attackers can exploit...

CVE-2025-10822 is an improper authorization vulnerability in the fuyang_lipengjun platform 1.0 that allows unauthorized access to SMS log data via the SysSmsLogController function. Attackers can remot...

This vulnerability allows unauthorized access to topic category data in fuyang_lipengjun platform 1.0 due to improper authorization in the TopicCategoryController. Attackers can remotely exploit this ...

This vulnerability in the fuyang_lipengjun platform 1.0 allows unauthorized access to the TopicController's queryAll function, enabling attackers to retrieve topic data without proper authentication. ...

This vulnerability in fuyang_lipengjun platform 1.0 allows unauthorized access to user coupon data through the UserCouponController queryAll function. Attackers can exploit this to view sensitive coup...

This vulnerability in fuyang_lipengjun platform 1.0 allows improper authorization through the BrandController function at /brand/queryAll. Attackers can remotely exploit this weakness to access unauth...

CVE-2025-10674 is an improper authorization vulnerability in the fuyang_lipengjun platform 1.0 that allows attackers to access the /attributecategory/queryAll endpoint without proper permissions. This...

This vulnerability in fuyang_lipengjun platform 1.0 allows improper authorization via the AttributeController function at /attribute/queryAll, enabling unauthorized access to sensitive data or functio...

CVE-2025-10086 is an improper authorization vulnerability in the fuyang_lipengjun platform 1.0.0 that allows remote attackers to access unauthorized functionality via the queryAll function in the AdPo...

This critical SQL injection vulnerability in the fuyang_lipengjun platform allows remote attackers to execute arbitrary SQL commands via the beanName/methodName parameters in the ScheduleJobLogControl...

This CVE describes a critical SQL injection vulnerability in the fuyang_lipengjun platform's ScheduleJobController. Attackers can exploit this by manipulating the beanName parameter in the queryPage f...