3 matches found
CVE-2025-7566 jshERP SystemConfigController.java exportExcelByParam path traversal
A vulnerability has been found in jshERP up to 3.5 and classified as critical. This vulnerability affects the function exportExcelByParam of the file /src/main/java/com/jsh/erp/controller/SystemConfigController.java. The manipulation of the argument Title leads to path traversal. The attack can b...
CVE-2025-7566 jshERP SystemConfigController.java exportExcelByParam path traversal
A vulnerability has been found in jshERP up to 3.5 and classified as critical. This vulnerability affects the function exportExcelByParam of the file /src/main/java/com/jsh/erp/controller/SystemConfigController.java. The manipulation of the argument Title leads to path traversal. The attack can b...
CVE-2025-7566
CVE-2025-7566 affects jshERP up to version 3.5. The vulnerability is in the function exportExcelByParam within SystemConfigController.java, where manipulation of the Title argument leads to path traversal. Several sources (NVD, Red Hat, OSV, CVE lists, and PT-Security) indicate remote exploitatio...