CVE-2025-3849 – YXJ2018 SpringBoot-Vue-OnlineExam Remote Unverified Password Change Vulnerability

April 21, 2025

CVE ID : CVE-2025-3849

Published : April 22, 2025, 12:15 a.m. | 2 hours, 21 minutes ago

Description : A vulnerability classified as problematic was found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This vulnerability affects unknown code of the file /api/studentPWD. The manipulation of the argument studentId leads to unverified password change. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-2987 – IBM Maximo Asset Management SSRF

Next Article CVE-2025-3847 – Markparticle WebServer SQL Injection Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

I got my hands on the redesigned successor to 2024’s best gaming laptop for most people — I’m confident that I’m going to love it, but there is ONE downside

Bethesda teases Oblivion Remastered, with a full announcement for the legendary Elder Scrolls title coming this week

Who knew a controller could make THIS much difference? I tested a new mobile controller for Xbox Cloud Gaming and was pleasantly surprised.

Clair Obscur: Expedition 33 PC system requirements and specs — Can you run this turn-based RPG adventure?

Community News: Latest PECL Releases (03.11.2025)

Community News: Latest PECL Releases (03.11.2025)

A Fan Portal for The Elder Scrolls IV: Oblivion Remake

Coveo Recognizes Perficient Colleagues as MVPs in 2025

I got my hands on the redesigned successor to 2024’s best gaming laptop for most people — I’m confident that I’m going to love it, but there is ONE downside

I got my hands on the redesigned successor to 2024’s best gaming laptop for most people — I’m confident that I’m going to love it, but there is ONE downside

Bethesda teases Oblivion Remastered, with a full announcement for the legendary Elder Scrolls title coming this week

Who knew a controller could make THIS much difference? I tested a new mobile controller for Xbox Cloud Gaming and was pleasantly surprised.

CVE-2025-3849 – YXJ2018 SpringBoot-Vue-OnlineExam Remote Unverified Password Change Vulnerability

April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Kubernetes IngressNightmare Vulnerabilities: What You Need to Know

Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts

Schneider Electric Confirms Breach as Hackers Offer 50% Ransom Discount to New CEO

Sarvam AI Releases Samvaad-Hi-v1 Dataset and Sarvam-2B: A 2 Billion Parameter Language Model with 4 Trillion Tokens Focused on 10 Indic Languages for Enhanced NLP

Community News: Latest PEAR Releases (04.07.2025)

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

Need a 10-port USB-C charger? Plugable has just the thing

RockYou2024: Hacker Releases Nearly 10 Billion Passwords in Massive Leak

Copilot Error Attempting To Reconnect: 4 Ways to Fix it

CVE-2025-3849 – YXJ2018 SpringBoot-Vue-OnlineExam Remote Unverified Password Change Vulnerability

Related Posts