All 3 CVE vulnerabilities found in carRental, with AI-generated Chinese analysis, references, and POCs.
Vendor: yeqifu
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-15432 | yeqifu carRental com.yeqifu.sys.controller.FileController downloadShowFile.action downloadShowFile path traversal CWE-22 | 5.3 | Medium | 2026-01-02 |
| CVE-2025-9650 | yeqifu carRental AppFileUtils.java removeFileByPath path traversal CWE-22 | 5.4 | Medium | 2025-08-29 |
| CVE-2025-9310 | yeqifu carRental Druid login.html hard-coded credentials CWE-798 | 5.3 | Medium | 2025-08-21 |
All 3 known CVE vulnerabilities affecting carRental with full Chinese analysis, references, and POCs where available.