CVE-2025-0406 | liujianview gymxmjpa 1.0 SubjectController.java SubjectDaoImpl subname sql injection

CVE-2025-0406 | liujianview gymxmjpa 1.0 SubjectController.java SubjectDaoImpl subname sql injection

A vulnerability was found in liujianview gymxmjpa 1.0. It has been classified as critical. Affected is the function SubjectDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/SubjectController.java. The manipulation of the argument subname leads to sql injection. This vulnerability is traded as CVE-2025-0406. It is possible to launch the attack remotely. Furthermore, there is an exploit available.