1934 matches found
CVE-2026-2107
A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function loadAllLoginfo/deleteLoginfo/batchDeleteLoginfo of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\LoginfoController.java of the component Log Info...
EUVD-2026-5720
A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function loadAllLoginfo/deleteLoginfo/batchDeleteLoginfo of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\LoginfoController.java of the component Log Info...
CVE-2026-2107
CVE-2026-2107 affects yeqifu warehouse (Log Info Handler). Multiple methods in LoginfoController (loadAllLoginfo, deleteLoginfo, batchDeleteLoginfo) enable improper authorization, with remote exploit capability. Public exploit exists; product uses no versioning, so affected/unaffected releases ar...
CVE-2026-2106 yeqifu warehouse Notice Management NoticeController.java batchDeleteNotice improper authorization
A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The impacted element is the function addNotice/updateNotice/deleteNotice/batchDeleteNotice of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\NoticeController.java of the...
CVE-2026-2106
A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The impacted element is the function addNotice/updateNotice/deleteNotice/batchDeleteNotice of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\NoticeController.java of the...
CVE-2026-2106
The CVE-2026-2106 entry relates to yeqifu warehouse, affecting the Notice Management component. The exposed flaw is in NoticeController.java functions addNotice, updateNotice, deleteNotice, and batchDeleteNotice, causing improper authorization and enabling remote exploitation. Publicly disclosed ...
CVE-2026-2106 yeqifu warehouse Notice Management NoticeController.java batchDeleteNotice improper authorization
A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The impacted element is the function addNotice/updateNotice/deleteNotice/batchDeleteNotice of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\NoticeController.java of the...
warehouse 授权问题漏洞
Warehouse is a small-scale warehouse logistics management system developed by Yeqifu’s individual developer, based on Spring Boot. There are authorization issues in Warehouse; these issues stem from incorrect operations in the component Log Info Handler, specifically in the file...
PT-2026-6914
Name of the Vulnerable Software and Affected Versions yeqifu warehouse versions prior to aaf29962ba407d22d991781de28796ee7b4670e4 Description A flaw exists within the Notice Management component of yeqifu warehouse, specifically in the addNotice, updateNotice, deleteNotice, and batchDeleteNotice...
CVE-2025-13818
Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent...
CVE-2025-13818
Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent...
CVE-2025-13818 Local privilege escalation in ESET Management Agent for Windows
Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent...
EUVD-2025-206890
Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent...
CVE-2025-13818
Summary: CVE-2025-13818 is a local privilege escalation in the Windows version of ESET Management Agent due to insecure temporary batch file execution. Affected software: ESET Management Agent (Windows). Vulnerability: Local exploit via insecure handling of temporary batch files that can escalate...
CVE-2025-13818 Local privilege escalation in ESET Management Agent for Windows
Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent...
CVE-2025-13818
Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent...
OpenSTAManager SQL注入漏洞
OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager prior to v2.9.8 contained a SQL injection vulnerability. This vulnerability stemmed from insufficient validation of the idrecords array in the batch operation...
ESET Management Agent 安全漏洞
ESET Management Agent is a communication and data synchronization component developed by ESET Singapore. There is a security vulnerability in ESET Management Agent, which stems from the unsafe execution of temporary batch files, potentially leading to an increase in local privileges...
PT-2026-6723
Name of the Vulnerable Software and Affected Versions ESET Management Agent affected versions not specified Description A local privilege escalation issue exists due to insecure temporary batch file execution. This allows for potential unauthorized access to system resources. Recommendations At t...
Alist vulnerable to Path Traversal in multiple file operation handlers
Summary The application contains a Path Traversal vulnerability CWE-22 in multiple file operation handlers. An authenticated attacker can bypass directory-level authorisation by injecting traversal sequences into filename components, enabling unauthorised file removal, movement and copying across...