CNNVD-202506-3377 Information

CNNVD ID

CNNVD-202506-3377

Related CVE

CVE-2025-6738

• CNNVD Published: 2025-06-27

Description (Chinese)

bicycleSharingServer是中国huija个人开发者的一个共享单车JavaWEB后台。 bicycleSharingServer存在注入漏洞，该漏洞源于UserServiceImpl.java文件中userDao.selectUserByUserNameLike函数对Username参数操作不当，可能导致SQL注入攻击。

Description (English)

BicycleSharingServer is a shared bicycle behind JavaWEB, a personal developer in Huija, China. There is an injection loophole in the BiccycleSharingServer that originates from the userDao.sselectUserByuserNameLike function in the UservSerserviceImpl.java document, which may result in an attack by SQL.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

Live Support

Published

2025-06-27

Last Modified

2026-02-24

References

https://github.com/huija/bicycleSharingServer/issues/5 https://vuldb.com/?ctiid.314012 https://vuldb.com/?id.314012 https://vuldb.com/?submit.597988