16 matches found
EUVD-2025-31176
Malicious code in bioql PyPI...
JeecgBoot Authorization Issues Vulnerability (CNVD-2025-23073)
JeecgBoot is an open source low-code development platform based on the code generator of Beijing National Torch Information Technology Co. A security vulnerability exists in JeecgBoot 3.8.2 and earlier versions, which stems from improper authorization of the ids parameter in the...
CVE-2025-10977
A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The...
CVE-2025-10977
A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The...
CVE-2025-10977
A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The...
CVE-2025-10977 JeecgBoot deleteBatch improper authorization
A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The...
CVE-2025-10977
CVE-2025-10977 affects JeecgBoot up to version 3.8.2. Affected is an unknown function in the file /sys/tenant/deleteBatch where manipulation of the ids argument leads to improper authorization. The vulnerability can be exploited remotely and is described with high attack complexity; exploits are ...
JeecgBoot 授权问题漏洞
JeecgBoot is an open source low-code development platform based on the code generator of Beijing National Torch Information Technology Co. A security vulnerability exists in JeecgBoot 3.8.2 and earlier versions, which stems from improper authorization of the ids parameter in the...
PT-2025-39461
Name of the Vulnerable Software and Affected Versions JeecgBoot versions up to 3.8.2 Description A flaw exists in JeecgBoot that allows for improper authorization. This is due to the manipulation of the ids argument within an unknown function of the /sys/tenant/deleteBatch file. The attack can be...
CVE-2025-8840
A vulnerability was determined in jshERP up to 3.5. Affected is an unknown function of the file /jshERP-boot/user/deleteBatch of the component Endpoint. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclos...
CVE-2025-8840
A vulnerability was determined in jshERP up to 3.5. Affected is an unknown function of the file /jshERP-boot/user/deleteBatch of the component Endpoint. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclos...
CVE-2025-8840
A vulnerability was determined in jshERP up to 3.5. Affected is an unknown function of the file /jshERP-boot/user/deleteBatch of the component Endpoint. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclos...
CVE-2025-8840 jshERP Endpoint deleteBatch improper authorization
A vulnerability was determined in jshERP up to 3.5. Affected is an unknown function of the file /jshERP-boot/user/deleteBatch of the component Endpoint. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclos...
CVE-2025-8840
Summary (CVE-2025-8840, jshERP): Up to version 3.5, jshERP’s Endpoint component exposes an authorization flaw in the file /jshERP-boot/user/deleteBatch where manipulation of the argument ids enables a remote attack. Public exploit disclosure is noted. Several sources corroborate an improper autho...
jshERP 安全漏洞
jshERP Huaxia ERP is a homegrown ERP system by the individual developer of Ji Sheng Hua in China. A security vulnerability exists in jshERP Huaxia ERP version 3.5 and earlier, which originates from an authorization flaw due to improper handling of parameter ids in file /jshERP-boot/user/deleteBat...
PT-2025-32534 · Jsherp · Jsherp
Name of the Vulnerable Software and Affected Versions: jshERP versions prior to 3.6 Description: A vulnerability exists in jshERP up to version 3.5. An unknown function within the file /jshERP-boot/user/deleteBatch of the Endpoint component is affected. Manipulation of the argument ids leads to...