CVE-2025-5545 – Aluoxiang OA System Path Traversal Vulnerability

June 3, 2025

CVE ID : CVE-2025-5545

Published : June 4, 2025, 12:15 a.m. | 2 hours, 8 minutes ago

Description : A vulnerability classified as problematic has been found in aaluoxiang oa_system up to 5b445a6227b51cee287bd0c7c33ed94b801a82a5. This affects the function image of the file src/main/java/cn/gson/oasys/controller/process/ProcedureController.java. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5546 – PHPGurukul Daily Expense Tracker System SQL Injection Vulnerability

Next Article CVE-2025-5544 – Aluoxiang OA System Path Traversal Vulnerability

Highlights

CVE-2025-40624 – TCMAN’s GIM SQL Injection Vulnerability

May 6, 2025

CVE ID : CVE-2025-40624

Published : May 6, 2025, 11:15 a.m. | 36 minutes ago

Description : SQL injection in TCMAN’s GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’ and “email” parameters of the ‘updatePassword’ endpoint.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

In MCP era API discoverability is now more important than ever

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

Multiple reports suggest a Persona 4 Remake from Atlus will be announced during the Xbox Games Showcase

TC39 advances numerous proposals at latest meeting

TC39 advances numerous proposals at latest meeting

TypeBridge – zero ceremony, compile time rpc for client and server com

Simplify Cloud-Native Development with Quarkus Extensions

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

CVE-2025-5545 – Aluoxiang OA System Path Traversal Vulnerability

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

CVE-2025-4318 Critical RCE in AWS Amplify Codegen UI

Stronger Design Principles Start with One Question: ‘Versus What?’

MuZero, AlphaZero, and AlphaDev: Optimizing computer systems

Benchmarking Federated Learning for Large Language Models with FedLLM-Bench

Columbus Mayor Confirms Ransomware Attack, Assures No Usable Personal Data Leaked on Dark Web

CVE-2025-40624 – TCMAN’s GIM SQL Injection Vulnerability

Are tariffs about to make your next iPhone way more expensive? It’s complicated

How to Create a VPAT Report: Explained with Examples

Deconstructing the 35mm Website: A Look at the Process and Technical Details

CVE-2025-5545 – Aluoxiang OA System Path Traversal Vulnerability

Related Posts