User Xiangpeng Yaoqishan
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in User Xiangpeng Yaoqishan.
By the Year
In 2026 there have been 0 vulnerabilities in User Xiangpeng Yaoqishan. Last year, in 2025 Yaoqishan had 1 security vulnerability published. Right now, Yaoqishan is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 9.80 |
It may take a day or so for new Yaoqishan vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent User Xiangpeng Yaoqishan Security Vulnerabilities
Java MediaInfoService SQLi via typeId Remote
CVE-2025-2112
9.8 - Critical
- March 08, 2025
A vulnerability was found in user-xiangpeng yaoqishan up to a47fec4a31cbd13698c592dfdc938c8824dd25e4. It has been declared as critical. Affected by this vulnerability is the function getMediaLisByFilter of the file cn/javaex/yaoqishan/service/media_info/MediaInfoService.java. The manipulation of the argument typeId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for User Xiangpeng Yaoqishan or by User Xiangpeng? Click the Watch button to subscribe.
