87 matches found
EUVD-2026-34988
A weakness has been identified in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This issue affects some unknown processing of the file /base-boot/actuator of the component Boot Actuator Endpoint. Executing a manipulation can lead to information disclosure. The attack can be...
JeeWMS 安全漏洞
JeeWMS is a JAVA-based warehouse management system developed by JeeWMS Corporation in China. There is a security vulnerability in JeeWMS. This vulnerability stems from incorrect operations with parameters such as dbType/dbDriver/dbUrl/dbUsername/dbPassword in the JimuReport test-connection Endpoi...
CVE-2026-3969
A vulnerability was detected in FeMiner wms up to 1.0. This impacts an unknown function of the file /wms-master/src/basic/depart/departaddbg.php of the component Basic Organizational Structure Module. Performing a manipulation of the argument Name results in sql injection. The attack may be...
CVE-2026-3969 FeMiner wms Basic Organizational Structure depart_add_bg.php sql injection
A vulnerability was detected in FeMiner wms up to 1.0. This impacts an unknown function of the file /wms-master/src/basic/depart/departaddbg.php of the component Basic Organizational Structure Module. Performing a manipulation of the argument Name results in sql injection. The attack may be...
CVE-2025-65879
Warehouse Management System 1.2 contains an authenticated arbitrary file deletion vulnerability. The /goods/deleteGoods endpoint accepts a user-controlled goodsimg parameter, which is directly concatenated with the server's UPLOADPATH and passed to File.delete without validation. A remote...
CVE-2025-65878
The warehouse management system version 1.2 contains an arbitrary file read vulnerability. The endpoint /file/showImageByPath does not sanitize user-controlled path parameters. An attacker could exploit directory traversal to read arbitrary files on the server's file system. This could lead to th...
CVE-2025-65879
Warehouse Management System 1.2 contains an authenticated arbitrary file deletion vulnerability. The /goods/deleteGoods endpoint accepts a user-controlled goodsimg parameter, which is directly concatenated with the server's UPLOADPATH and passed to File.delete without validation. A remote...
Warehouse Management System 安全漏洞
Warehouse Management System is a warehouse management system by Carlo Montero Personal Developer. A security vulnerability exists in Warehouse Management System version 1.2, which stems from an unvalidated goodsimg parameter that could cause an authenticated user to delete arbitrary files...
Warehouse Management System 安全漏洞
Warehouse Management System is a warehouse management system by Carlo Montero Personal Developer. A security vulnerability exists in Warehouse Management System version 1.2, which stems from an uncleared user-controlled path parameter that could lead to arbitrary file reads...
CVE-2025-65878
The warehouse management system version 1.2 contains an arbitrary file read vulnerability. The endpoint /file/showImageByPath does not sanitize user-controlled path parameters. An attacker could exploit directory traversal to read arbitrary files on the server's file system. This could lead to th...
CVE-2025-65878
The warehouse management system version 1.2 contains an arbitrary file read vulnerability. The endpoint /file/showImageByPath does not sanitize user-controlled path parameters. An attacker could exploit directory traversal to read arbitrary files on the server's file system. This could lead to th...
CVE-2025-65878
CVE-2025-65878 affects Warehouse Management System v1.2. The vulnerability is an arbitrary file read via /file/showImageByPath where unsanitized user-supplied path parameters enable directory traversal to read arbitrary server files, risking leakage of sensitive information. Documented in multipl...
CVE-2025-65879
CVE-2025-65879 — Normal mode Warehouse Management System 1.2 is affected by an authenticated arbitrary file deletion vulnerability. The /goods/deleteGoods endpoint accepts a user-controlled goodsimg parameter, which is directly concatenated with the server’s UPLOAD_PATH and passed to File.delete(...
JeeWMS 安全漏洞
JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. A security vulnerability exists in JeeWMS version 20250820, which stems from a missing file check in the file/saveFiles function and could lead to remote code execution...
EUVD-2022-37087
Malicious code in bioql PyPI...
EUVD-2024-32193
Malicious code in bioql PyPI...
EUVD-2024-32195
Malicious code in bioql PyPI...
EUVD-2024-32191
Malicious code in bioql PyPI...
EUVD-2024-32192
Malicious code in bioql PyPI...
JeeWMS 安全漏洞
JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. A security vulnerability exists in JeeWMS version 3.7, which originates from SQL injection in the CgReportController API...