mingyuefusu

3 exploits Active since Mar 2025
CVE-2025-2832 GITEE MEDIUM java
Mingyuefusu Library Management System - Missing Authorization
A vulnerability was found in mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 up to d4836f6b49cd0ac79a4021b15ce99ff7229d4694 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2,084 stars
CVSS 4.3
CVE-2025-2831 GITEE MEDIUM java
Mingyuefusu Library Management System - Injection
A vulnerability has been found in mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 up to d4836f6b49cd0ac79a4021b15ce99ff7229d4694 and classified as critical. This vulnerability affects the function getBookList of the file /admin/bookList?page=1&limit=10. The manipulation of the argument condition leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
2,084 stars
CVSS 6.3
CVE-2025-2686 GITEE MEDIUM java
mingyuefusu <d4836f6b49cd0ac79a4021b15ce99ff7229d4694 - Improper Ac...
A vulnerability has been found in mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 up to d4836f6b49cd0ac79a4021b15ce99ff7229d4694 and classified as critical. Affected by this vulnerability is the function doFilter of the file /admin/ of the component Backend. The manipulation of the argument Request leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
2,084 stars
CVSS 6.5