Yin Lingyun - Security Researcher - Exploit Intelligence Platform

CVE-2025-0333 WRITEUP MEDIUM WRITEUP

leiyuxi cy-fast 1.0 - SQL Injection

A vulnerability, which was classified as critical, was found in leiyuxi cy-fast 1.0. Affected is the function listData of the file /sys/role/listData. The manipulation of the argument order leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS 6.3

View Code

CVE-2025-0334 WRITEUP MEDIUM WRITEUP

leiyuxi cy-fast 1.0 - SQL Injection

A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /sys/user/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVSS 6.3

View Code

CVE-2025-0344 WRITEUP MEDIUM WRITEUP

leiyuxi cy-fast 1.0 - SQL Injection

A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /commpara/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVSS 6.3

View Code

CVE-2025-0345 WRITEUP MEDIUM WRITEUP

leiyuxi cy-fast 1.0 - SQL Injection

A vulnerability was found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this issue is the function listData of the file /sys/menu/listData. The manipulation of the argument order leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVSS 6.3

View Code