Lucene search
+L

224 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-53728

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00359EPSS
Exploits1References1
OSV
OSV
added 2025/09/16 1:16 p.m.3 views

CVE-2025-55834

A Cross Site Scripting vulnerability in JeeWMS v.3.7 and before allows a remote attacker to obtain sensitive information via the logController.do component...

6.1CVSS5.8AI score0.00305EPSS
Exploits1References1
CVE
CVE
added 2025/09/16 12:0 a.m.19 views

CVE-2025-55834

CVE-2025-55834: A Cross Site Scripting vulnerability in JeeWMS v3.7 and earlier exists due to improper handling in logController.do, potentially exposing sensitive information. Affected: JeeWMS prior to 3.8. Impact is information disclosure (per sources). Remediation: upgrade to JeeWMS 3.8 or lat...

6.1CVSS5.7AI score0.00305EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/16 12:0 a.m.6 views

CVE-2025-55834

A Cross Site Scripting vulnerability in JeeWMS v.3.7 and before allows a remote attacker to obtain sensitive information via the logController.do component...

5.7AI score0.00305EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/09/16 12:0 a.m.12 views

CVE-2025-55834

A Cross Site Scripting vulnerability in JeeWMS v.3.7 and before allows a remote attacker to obtain sensitive information via the logController.do component...

0.00305EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.5 views

JeeWMS 安全漏洞

JeeWMS is a JAVA-based warehouse management system . A cross-site scripting vulnerability exists in JeeWMS 3.7 and earlier versions, which stems from the lack of effective filtering and escaping of user-supplied data by the logController.do component, and can be exploited by an attacker to disclo...

6.1CVSS5.9AI score0.00305EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.8 views

PT-2025-37948

Name of the Vulnerable Software and Affected Versions: JeeWMS versions prior to 3.8 Description: A Cross Site Scripting issue exists in JeeWMS versions prior to 3.8, potentially allowing a remote attacker to obtain sensitive information via the logController.do component. Recommendations: Update ...

6.1CVSS5.8AI score0.00305EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/08/24 12:13 a.m.10 views

CVE-2024-53499

Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API...

9.8CVSS8.6AI score0.00476EPSS
Exploits1References1
OSV
OSV
added 2025/08/22 6:15 p.m.4 views

CVE-2024-53499

Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API...

9.8CVSS5.8AI score0.00476EPSS
Exploits1References3
NVD
NVD
added 2025/08/22 6:15 p.m.18 views

CVE-2024-53499

Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API...

9.8CVSS0.00476EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/08/22 12:22 a.m.15 views

CVE-2025-50901

JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 2025-05-19 contains incorrect authentication bypass vulnerability, which can lead to arbitrary file reading...

9.8CVSS7.6AI score0.00415EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/08/22 12:0 a.m.5 views

CVE-2024-53499

Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API...

8.5AI score0.00476EPSS
Exploits1References3
CVE
CVE
added 2025/08/22 12:0 a.m.25 views

CVE-2024-53499

Jeewms v3.7 contains a SQL injection vulnerability in the CgReportController API endpoint. The issue is caused by unsafe handling in the CgReportController, leading to high-severity impact (C, I, A) with CVSS 3.1 score 9.8 (NETWORK, NO AUTH, NO USER INTERACTION). The CVE listing and connected sou...

9.8CVSS7.9AI score0.00476EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/08/22 12:0 a.m.10 views

PT-2025-34471 · Jeewms · Jeewms

Name of the Vulnerable Software and Affected Versions: Jeewms version 3.7 Description: Jeewms version 3.7 contains a SQL injection vulnerability via the CgReportController API. The vulnerability is located in the CgReportController API endpoint. Recommendations: At the moment, there is no...

9.8CVSS7.9AI score0.00476EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/08/22 12:0 a.m.14 views

CVE-2024-53499

Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API...

0.00476EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/08/22 12:0 a.m.6 views

JeeWMS 安全漏洞

JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. A security vulnerability exists in JeeWMS version 3.7, which originates from SQL injection in the CgReportController API...

9.8CVSS7.8AI score0.00476EPSS
Exploits1References4
NVD
NVD
added 2025/08/20 5:15 p.m.8 views

CVE-2025-50901

JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 2025-05-19 contains incorrect authentication bypass vulnerability, which can lead to arbitrary file reading...

9.8CVSS0.00415EPSS
Exploits1References1
OSV
OSV
added 2025/08/20 5:15 p.m.4 views

CVE-2025-50901

JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 2025-05-19 contains incorrect authentication bypass vulnerability, which can lead to arbitrary file reading...

9.8CVSS5.9AI score0.00415EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.6 views

JeeWMS 安全漏洞

JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. A security vulnerability exists in JeeWMS, which stems from an authentication bypass that could lead to arbitrary file reading...

9.8CVSS7AI score0.00415EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/08/20 12:0 a.m.15 views

CVE-2025-50901

JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 2025-05-19 contains incorrect authentication bypass vulnerability, which can lead to arbitrary file reading...

0.00415EPSS
Exploits1References1
Rows per page
Query Builder