18995 matches found
CVE-2026-2865
A vulnerability was found in itsourcecode Agri-Trading Online Shopping System 1.0. This impacts an unknown function of the file admin/productcontroller.php of the component HTTP POST Request Handler. Performing a manipulation of the argument Product results in sql injection. The attack may be...
CVE-2026-2860
A security vulnerability has been detected in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted is an unknown function of the file EmployeeController.java. The manipulation leads to improper authorization. It is possible to initiate the attack...
dst-admin 安全漏洞
dst-admin is a web application developed by Qinming99 using the Java language. Versions of dst-admin prior to 1.5.0 contained security vulnerabilities. These vulnerabilities stemmed from incorrect operations on the deleteBackup function in the FileHandler component within the...
PT-2026-21468
Name of the Vulnerable Software and Affected Versions qinming99 dst-admin versions up to 1.5.0 Description A flaw exists in qinming99 dst-admin that can lead to a denial of service. This issue is related to the deleteBackup function within the BackupController.java file located in the...
PT-2026-21455
Name of the Vulnerable Software and Affected Versions Dromara UJCMS version 10.0.2 Description A flaw exists in Dromara UJCMS version 10.0.2 within the ImportDataController component. Specifically, the importChanel function, located in the file /api/backend/ext/import-data/import-channel, is...
CVE-2026-2850
A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addCustomer/updateCustomer/deleteCustomer of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\CustomerController.java of the component Customer Endpoint...
CVE-2026-24790
The underlying PLC of the device can be remotely influenced, without proper safeguards or authentication...
CVE-2026-2865 itsourcecode Agri-Trading Online Shopping System HTTP POST Request productcontroller.php sql injection
A vulnerability was found in itsourcecode Agri-Trading Online Shopping System 1.0. This impacts an unknown function of the file admin/productcontroller.php of the component HTTP POST Request Handler. Performing a manipulation of the argument Product results in sql injection. The attack may be...
CVE-2026-2864
CVE-2026-2864 affects feng_ha_ha/megagao ssm-erp and production_ssm up to a certain commit. The vulnerability lies in the function pictureDelete of PictureController.java, where manipulating the argument picName enables path traversal. The issue can be exploited remotely and the public exploit is...
CVE-2026-2860
A security vulnerability has been detected in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted is an unknown function of the file EmployeeController.java. The manipulation leads to improper authorization. It is possible to initiate the attack...
CVE-2026-2860 feng_ha_ha/megagao ssm-erp/production_ssm EmployeeController.java improper authorization
A security vulnerability has been detected in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted is an unknown function of the file EmployeeController.java. The manipulation leads to improper authorization. It is possible to initiate the attack...
CVE-2026-2860
CVE-2026-2860 affects feng_ha_ha/megagao ssm-erp and production_ssm (up to commit 4288d53bd35757b27f2d070057aefb2c07bdd097). The vulnerability targets an unknown function in EmployeeController.java, causing improper authorization. It can be initiated remotely, and the exploit has been publicly di...
PT-2026-21367
A vulnerability has been found in feng ha ha/megagao ssm-erp and production ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. This affects the function pictureDelete of the file PictureController.java. Such manipulation of the argument picName leads to path traversal. The attack can be launched...
PT-2026-21352
A security vulnerability has been detected in feng ha ha/megagao ssm-erp and production ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted is an unknown function of the file EmployeeController.java. The manipulation leads to improper authorization. It is possible to initiate the attack...
ssm-erp和production_ssm 授权问题漏洞
productionssm is an ERP system developed by MegaGao’s individual developers using Spring+SpringMVC+Mybatis and jQuery EasyUI. ssm-erp is a production management ERP system developed by fenghaha’s individual developers. There are authorization issues between ssm-erp and productionssm...
CVE-2026-2852
A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java of the component Sales Endpoint. The...
CVE-2026-2852
A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java of the component Sales Endpoint. The...
CVE-2026-2852 yeqifu warehouse Sales Endpoint SalesController.java deleteSales access control
A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java of the component Sales Endpoint. The...
CVE-2026-2850
A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addCustomer/updateCustomer/deleteCustomer of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\CustomerController.java of the component Customer Endpoint...
CVE-2026-2850
A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addCustomer/updateCustomer/deleteCustomer of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\CustomerController.java of the component Customer Endpoint...