32 matches found
CVE-2026-2077
A security vulnerability has been detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function addRole/updateRole/deleteRole of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role...
CVE-2026-2077
A security vulnerability has been detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function addRole/updateRole/deleteRole of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role...
CVE-2026-2077
The CVE CVE-2026-2077 affects yeqifu warehouse, specifically the Role Management Handler’s RoleController.java addRole, updateRole, and deleteRole functions. Reported improper authorization is caused by manipulation of these functions, with the attack described as eliminable remotely and publicly...
EUVD-2026-5746
A security vulnerability has been detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function addRole/updateRole/deleteRole of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role...
CVE-2026-2077
A security vulnerability has been detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function addRole/updateRole/deleteRole of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role...
CVE-2026-2077 yeqifu warehouse Role Management RoleController.java deleteRole improper authorization
A security vulnerability has been detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function addRole/updateRole/deleteRole of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role...
CVE-2026-2075
A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role-Permission Binding Handler. The...
CVE-2026-2075 yeqifu warehouse Role-Permission Binding RoleController.java saveRolePermission access control
A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role-Permission Binding Handler. The...
EUVD-2026-5748
A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role-Permission Binding Handler. The...
CVE-2026-2075 yeqifu warehouse Role-Permission Binding RoleController.java saveRolePermission access control
A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role-Permission Binding Handler. The...
PT-2026-6883
Name of the Vulnerable Software and Affected Versions yeqifu warehouse affected versions not specified Description A security issue exists in yeqifu warehouse related to improper authorization. The issue is present in the addRole, updateRole, and deleteRole functions within the RoleController.jav...
youlai-boot 安全漏洞
youlai-boot is a permission management system open source by China youlaiorg. A security vulnerability exists in youlai-boot version V2.21.1, which stems from the getRoleForm function in SysRoleController.java does not perform permission checking, which may result in non-root users directly...
PT-2025-52687
Name of the Vulnerable Software and Affected Versions youlai-boot version 2.21.1 Description The software contains an incorrect access control issue. The getRoleForm function in SysRoleController.java lacks proper permission checks. This may allow users without root privileges to access root role...
EUVD-2025-25417
Malicious code in bioql PyPI...
CVE-2025-55368
Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account...
CVE-2025-55368
Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account...
CVE-2025-55368
Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account...
CVE-2025-55368
Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account...
CVE-2025-55368
Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account...
CVE-2025-55368
CVE-2025-55368 affects jshERP v3.5 in the controller\RoleController.java, where an incorrect access control allows unauthorized attackers to arbitrarily modify the supplier status under any account. Multiple sources (RH, NVD, OSV, CNNVD, CVE list, PT Security) confirm the same description and ver...