CNNVD-202510-293 Information

CNNVD ID

CNNVD-202510-293

Related CVE

CVE-2025-56161

• CNNVD Published: 2025-10-02

Description (Chinese)

Yoshop是中国yiovo开源的一款电商系统。 Yoshop 2.0版本存在安全漏洞，该漏洞源于评论列表API端点未经验证的信息泄露，可能导致敏感字段暴露。

Description (English)

Yoshop is an electric power provider system that is open to Yiovo in China. There is a security loophole in version Yoship 2.0, which stems from the disclosure of unverified information on the API endpoint of the comment list, which may lead to the exposure of sensitive fields.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

yiovo

Published

2025-10-02

Last Modified

2026-02-24

References

https://gitee.com/xany/yoshop2.0 https://github.com/ZyWAC/CVE-Disclosures/blob/6b337a44934ffe948275995e9b79158e97c78fc4/2025/YOSHOP2.0/CVE-2025-56161.md