Browse all 3 CVE security advisories affecting Beijing Yunfan Internet Technology. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Beijing Yunfan Internet Technology develops internet security solutions with a focus on vulnerability management and threat detection. The company has three CVEs recorded, primarily involving remote code execution and cross-site scripting vulnerabilities in their web applications. Historically, their products have shown weaknesses in input validation and insufficient access controls, leading to privilege escalation risks. While no major public security incidents have been documented, their vulnerability history suggests a pattern of insufficient secure coding practices, particularly in web service components. The company's security posture appears to prioritize functionality over robust protection, resulting in recurring low-to-medium severity flaws that could potentially be exploited by attackers.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-13111 | Beijing Yunfan Internet Technology Yunfan Learning Examination System JWT Token SysUserControl improper authentication — Yunfan Learning Examination SystemCWE-287 | 5.6 | Medium | 2025-01-02 |
| CVE-2024-13110 | Beijing Yunfan Internet Technology Yunfan Learning Examination System Exam Answer PaperController.java, information disclosure — Yunfan Learning Examination SystemCWE-200 | 4.3 | Medium | 2025-01-02 |
| CVE-2024-13109 | Beijing Yunfan Internet Technology Yunfan Learning Examination System doc.html improper authorization — Yunfan Learning Examination SystemCWE-285 | 5.3 | Medium | 2025-01-02 |
This page lists every published CVE security advisory associated with Beijing Yunfan Internet Technology. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.