CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2026/02/24 11:2 p.m.•2 views

CVE-2026-3028

A vulnerability was determined in erzhongxmu JEEWMS up to 3.7. This vulnerability affects the function doAdd of the file src/main/java/com/jeecg/demo/controller/JeecgListDemoController.java. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely...

6.1CVSS3.9AI score0.00047EPSS

Exploits1References1

NVD•added 2026/02/23 10:16 p.m.•5 views

CVE-2026-3028

6.1CVSS0.00047EPSS

Exploits1References4

ATTACKERKB•added 2026/02/23 9:32 p.m.•5 views

CVE-2026-3028

5.3CVSS3.9AI score0.00047EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2026/02/23 12:0 a.m.•6 views

PT-2026-21567

Name of the Vulnerable Software and Affected Versions erzhongxmu JEEWMS versions up to 3.7 Description A flaw exists in erzhongxmu JEEWMS that allows for cross site scripting. The issue is located in the doAdd function within the file...

5.3CVSS3.4AI score0.00047EPSS

Exploits1References6

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2020-10375

Malware in sbrugna...

4.8CVSS5.2AI score0.00235EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-16565

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00551EPSS

Exploits0References4

OSV•added 2025/05/31 5:15 p.m.•2 views

CVE-2025-5385

A vulnerability was found in JeeWMS up to 20250504. It has been declared as critical. This vulnerability affects the function doAdd of the file /cgformTemplateController.do?doAdd. The manipulation leads to path traversal. The attack can be initiated remotely. Continious delivery with rolling...

9.8CVSS5.4AI score

Exploits0References3

CVE•added 2025/05/31 4:31 p.m.•45 views

CVE-2025-5385

The CVE-2025-5385 vulnerability affects JeeWMS (up to 20250504) in the doAdd handler of /cgformTemplateController.do?doAdd, enabling path traversal when handling input. The issue is exploitable remotely and has a high impact described across multiple sources; no public fix version is provided. Pr...

9.8CVSS6.4AI score0.00551EPSS

Exploits0References3Affected Software1

Cvelist•added 2025/05/31 4:31 p.m.•12 views

CVE-2025-5385 JeeWMS cgformTemplateController.do doAdd path traversal

6.5CVSS0.00551EPSS

Exploits0References3

Positive Technologies•added 2025/05/31 12:0 a.m.•2 views

PT-2025-23409 · Jeewms · Jeewms

Name of the Vulnerable Software and Affected Versions: JeeWMS versions up to 20250504 Description: A critical issue affects the doAdd function of the /cgformTemplateController.do?doAdd API endpoint, leading to path traversal. This can be initiated remotely. Recommendations: For versions up to...

6.5CVSS6.2AI score0.00551EPSS

Exploits0References7

CNNVD•added 2025/05/31 12:0 a.m.•3 views

JeeWMS 路径遍历漏洞

JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. JeeWMS 20250504 and previous versions of path traversal vulnerability, the vulnerability stems from the file /cgformTemplateController.do?doAdd function doAdd there is a path traversal...

9.8CVSS6.5AI score0.00551EPSS

Exploits0References5

RedhatCVE•added 2025/05/22 3:51 p.m.•3 views

CVE-2020-18451

Cross Site Scripting XSS vulnerability exists in DamiCMS v6.0.6 via the title parameter in the doadd function in LabelAction.class.php...

4.8CVSS6AI score0.00235EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by