CVE-2026-2860 feng_ha_ha/megagao ssm-erp/production_ssm EmployeeController.java improper authorization

A security vulnerability has been detected in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted is an unknown function of the file EmployeeController.java. The manipulation leads to improper authorization. It is possible to initiate the attack...

CVE-2026-2860

CVE-2026-2860 affects feng_ha_ha/megagao ssm-erp and production_ssm (up to commit 4288d53bd35757b27f2d070057aefb2c07bdd097). The vulnerability targets an unknown function in EmployeeController.java, causing improper authorization. It can be initiated remotely, and the exploit has been publicly di...

PT-2026-21352

A security vulnerability has been detected in feng ha ha/megagao ssm-erp and production ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted is an unknown function of the file EmployeeController.java. The manipulation leads to improper authorization. It is possible to initiate the attack...

PT-2026-21367

A vulnerability has been found in feng ha ha/megagao ssm-erp and production ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. This affects the function pictureDelete of the file PictureController.java. Such manipulation of the argument picName leads to path traversal. The attack can be launched...

ssm-erp和production_ssm 授权问题漏洞

productionssm is an ERP system developed by MegaGao’s individual developers using Spring+SpringMVC+Mybatis and jQuery EasyUI. ssm-erp is a production management ERP system developed by fenghaha’s individual developers. There are authorization issues between ssm-erp and productionssm...

CVE-2026-2852

A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java of the component Sales Endpoint. The...

CVE-2026-2852

A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java of the component Sales Endpoint. The...

CVE-2026-2852 yeqifu warehouse Sales Endpoint SalesController.java deleteSales access control

A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java of the component Sales Endpoint. The...

CVE-2026-2850

A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addCustomer/updateCustomer/deleteCustomer of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\CustomerController.java of the component Customer Endpoint...

CVE-2026-2850

A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addCustomer/updateCustomer/deleteCustomer of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\CustomerController.java of the component Customer Endpoint...

CVE-2026-2849

A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function deleteCache/removeAllCache/syncCache of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\CacheController.java of the component Cache Sy...

CVE-2026-24790

The underlying PLC of the device can be remotely influenced, without proper safeguards or authentication...

CVE-2026-2851 yeqifu warehouse Inport Endpoint InportController.java deleteInport access control

A vulnerability was determined in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This vulnerability affects the function addInport/updateInport/deleteInport of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\InportController.java of the component Inport...

CVE-2026-2851 yeqifu warehouse Inport Endpoint InportController.java deleteInport access control

A vulnerability was determined in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This vulnerability affects the function addInport/updateInport/deleteInport of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\InportController.java of the component Inport...

CVE-2026-2851

The CVE-2026-2851 entry concerns the YeQifu Warehouse project (up to commit aaf29962ba407d22d991781de28796ee7b4670e4). The vulnerability affects the Inport Endpoint, specifically InportController.java functions addInport, updateInport and deleteInport, causing improper access controls. It can be ...

CVE-2026-2850 yeqifu warehouse Customer Endpoint CustomerController.java deleteCustomer access control

A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addCustomer/updateCustomer/deleteCustomer of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\CustomerController.java of the component Customer Endpoint...

CVE-2026-2850

The CVE-2026-2850 entry concerns the YeQifu Warehouse project, affecting the Customer Endpoint component (dataset/repos/warehouse/src/main/java/com/yeqifu/bus/controller/CustomerController.java). The vulnerability arises from improper access controls in the addCustomer, updateCustomer, and delete...

CVE-2026-24790 Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller Missing Authentication for Critical Function

The underlying PLC of the device can be remotely influenced, without proper safeguards or authentication...

CVE-2026-24790

Technical details about CVE-2026-24790 are not publicly available in the provided documents. Monitor for updates.

CVE-2026-2849 yeqifu warehouse Cache Sync CacheController.java syncCache access control

A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function deleteCache/removeAllCache/syncCache of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\CacheController.java of the component Cache Sy...