CVE-2025-10086

Name of the Vulnerable Software and Affected Versions: fuyang lipengjun platform version 1.0.0

Description: A weakness exists in the queryAll function of the AdPositionController component, located in the file /adposition/queryAll. This manipulation causes improper authorization and can be initiated remotely. The exploit has been made publicly available.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the /adposition/queryAll file until a fix is available. Disable the queryAll function until a fix is available.