CVE-2025-4494
Published
CVSS v3
7.3
HIGH
CVSS v2
7.5
HIGH
Affected
1
PROJECT
Description
A vulnerability, which was classified as critical, was found in JAdmin-JAVA JAdmin 1.0. Affected is the function toLogin of the file NoNeedLoginController.java of the component Admin Backend. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
JAdmin 是一个基于Java语言的快速开发平台,数据库表创建后,只需5分钟就能开发一套后台管理系统。无需JSP,一个Controller,一个JavaBean,就可以实现数据的增删改查。 文本框、单选、多选、图片组件、日期组件、富文本编辑器、坐标选取等等……一个注解轻松搞定。友好的代码结构及注释,便于阅读及开发。
GitHub