CVE-2025-25582
MEDIUMR1bbit Yimioa < 2024-07-04 - SQL Injection
Title source: ruleDescription
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the selectNoticeList() method at /xml/OaNoticeMapper.xml.
Exploits (1)
Scores
CVSS v3
6.1
EPSS
0.0003
EPSS Percentile
8.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L
Details
CWE
CWE-89
Status
published
Products (1)
r1bbit/yimioa
< 2024-07-04
Published
Mar 18, 2025
Tracked Since
Feb 18, 2026