CVE-2025-3967

MEDIUM Year: 2025
CVSS v3 Score
5.4
Medium
CVSS v2 Score
5.5
Medium
Weakness Type
CWE-266
View all →

Vulnerability Description

A vulnerability was found in itwanger paicoding 1.0.3. It has been classified as critical. This affects an unknown part of the file /article/api/post of the component Article Handler. The manipulation of the argument articleId leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2024-25633

MEDIUM
CVSS:5.4(Medium)

eLabFTW is an open source electronic lab notebook for research labs. In an eLabFTW system, one can configure who is allowed to create new user accounts. A vulnerability has been found starting in vers...

CWE-2662024

CVE-2024-50702

MEDIUM
CVSS:5.4(Medium)

TeamPass before 3.1.3.1 does not properly check whether a mail_me (aka action_mail) operation is on behalf of an administrator or manager.

CWE-2662024

CVE-2024-55570

MEDIUM
CVSS:5.4(Medium)

/api/user/users in the web GUI for the Cubro EXA48200 network packet broker (build 20231025055018) fixed in V5.0R14.5P4-V3.3R1 allows remote authenticated users of the application to increase their pr...

CWE-2662024

CVE-2025-2089

MEDIUM
CVSS:5.4(Medium)

A vulnerability has been found in StarSea99 starsea-mall 1.0/2.X and classified as critical. Affected by this vulnerability is the function updateUserInfo of the file /personal/updateInfo of the compo...

CWE-2662025

CVE-2025-2334

MEDIUM
CVSS:5.4(Medium)

A vulnerability classified as problematic has been found in 274056675 springboot-openai-chatgpt e84f6f5. This affects the function deleteChat of the file /api/mjkj-chat/chat/ai/delete/chat of the comp...

CWE-2662025

CVE-2025-4016

MEDIUM
CVSS:5.4(Medium)

A vulnerability classified as critical has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This affects the function deleteIndex of the file novel-admin/src/main/java...

CWE-2662025