Name of the Vulnerable Software and Affected Versions:

fuyang lipengjun platform version 1.0.0

Description:

A weakness exists in the `queryAll` function of the `AdPositionController` component, located in the file `/adposition/queryAll`. This manipulation causes improper authorization and can be initiated remotely. The exploit has been made publicly available.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

As a temporary workaround, consider restricting access to the `/adposition/queryAll` file until a fix is available.

Disable the `queryAll` function until a fix is available.