Lucene search
K

27 matches found

RedhatCVE
RedhatCVE
added 2026/06/08 8:58 a.m.11 views

CVE-2026-11458

A weakness has been identified in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This issue affects some unknown processing of the file /base-boot/actuator of the component Boot Actuator Endpoint. Executing a manipulation can lead to information disclosure. The attack can be...

6.9CVSS5.5AI score0.00292EPSS
Exploits0References1
NVD
NVD
added 2026/06/07 9:16 a.m.17 views

CVE-2026-11457

A security flaw has been discovered in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This vulnerability affects unknown code of the file /base-boot/jmreport/testConnection of the component JimuReport test-connection Endpoint. Performing a manipulation of the argument...

7.5CVSS0.00329EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/07 7:45 a.m.8 views

CVE-2026-11457

A security flaw has been discovered in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This vulnerability affects unknown code of the file /base-boot/jmreport/testConnection of the component JimuReport test-connection Endpoint. Performing a manipulation of the argument...

7.5CVSS6.8AI score0.00329EPSS
Exploits0References5
CVE
CVE
added 2026/06/07 7:45 a.m.44 views

CVE-2026-11457

CVE-2026-11457 affects erzhongxmu JeeWMS, specifically the JimuReport test-connection endpoint’s file /base-boot/jmreport/testConnection. The vulnerability arises from injectable parameters in dbType, dbDriver, dbUrl, dbUsername, and dbPassword, enabling injection via crafted input. Remote exploi...

7.5CVSS6.8AI score0.00329EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/07 12:0 a.m.20 views

PT-2026-47179

A security flaw has been discovered in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This vulnerability affects unknown code of the file /base-boot/jmreport/testConnection of the component JimuReport test-connection Endpoint. Performing a manipulation of the argument...

7.5CVSS6.8AI score0.00329EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/02/24 11:2 p.m.41 views

CVE-2026-3028

A vulnerability was determined in erzhongxmu JEEWMS up to 3.7. This vulnerability affects the function doAdd of the file src/main/java/com/jeecg/demo/controller/JeecgListDemoController.java. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely...

6.1CVSS3.9AI score0.00308EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/02/24 10:42 p.m.22 views

CVE-2026-3026

A vulnerability has been found in erzhongxmu JEEWMS 3.7. Affected by this issue is some unknown functionality of the file /plug-in/ueditor/jsp/getRemoteImage.jsp of the component UEditor. The manipulation of the argument upfile leads to server-side request forgery. The attack can be initiated...

7.5CVSS5.2AI score0.00351EPSS
Exploits1References1
NVD
NVD
added 2026/02/23 10:16 p.m.8 views

CVE-2026-3028

A vulnerability was determined in erzhongxmu JEEWMS up to 3.7. This vulnerability affects the function doAdd of the file src/main/java/com/jeecg/demo/controller/JeecgListDemoController.java. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely...

6.1CVSS0.00308EPSS
Exploits1References4
OSV
OSV
added 2026/02/23 10:16 p.m.3 views

CVE-2026-3028

A vulnerability was determined in erzhongxmu JEEWMS up to 3.7. This vulnerability affects the function doAdd of the file src/main/java/com/jeecg/demo/controller/JeecgListDemoController.java. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely...

6.1CVSS4.1AI score0.00308EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/23 9:32 p.m.11 views

CVE-2026-3028

A vulnerability was determined in erzhongxmu JEEWMS up to 3.7. This vulnerability affects the function doAdd of the file src/main/java/com/jeecg/demo/controller/JeecgListDemoController.java. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely...

5.3CVSS3.9AI score0.00308EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/02/23 9:19 p.m.6 views

CVE-2026-3027

A vulnerability was found in erzhongxmu JEEWMS up to 3.7. This affects an unknown part of the file src/main/webapp/plug-in/ueditor/jsp/getContent.jsp of the component UEditor. The manipulation of the argument myEditor results in cross site scripting. The attack can be launched remotely. The explo...

6.1CVSS4AI score0.00289EPSS
Exploits1References4
NVD
NVD
added 2026/02/23 9:19 p.m.12 views

CVE-2026-3026

A vulnerability has been found in erzhongxmu JEEWMS 3.7. Affected by this issue is some unknown functionality of the file /plug-in/ueditor/jsp/getRemoteImage.jsp of the component UEditor. The manipulation of the argument upfile leads to server-side request forgery. The attack can be initiated...

7.5CVSS0.00351EPSS
Exploits1References4
OSV
OSV
added 2026/02/23 9:19 p.m.5 views

CVE-2026-3026

A vulnerability has been found in erzhongxmu JEEWMS 3.7. Affected by this issue is some unknown functionality of the file /plug-in/ueditor/jsp/getRemoteImage.jsp of the component UEditor. The manipulation of the argument upfile leads to server-side request forgery. The attack can be initiated...

7.3CVSS5.4AI score0.00351EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/23 9:2 p.m.5 views

CVE-2026-3027 erzhongxmu JEEWMS UEditor getContent.jsp cross site scripting

A vulnerability was found in erzhongxmu JEEWMS up to 3.7. This affects an unknown part of the file src/main/webapp/plug-in/ueditor/jsp/getContent.jsp of the component UEditor. The manipulation of the argument myEditor results in cross site scripting. The attack can be launched remotely. The explo...

5.3CVSS4AI score0.00289EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/23 9:2 p.m.27 views

CVE-2026-3027 erzhongxmu JEEWMS UEditor getContent.jsp cross site scripting

A vulnerability was found in erzhongxmu JEEWMS up to 3.7. This affects an unknown part of the file src/main/webapp/plug-in/ueditor/jsp/getContent.jsp of the component UEditor. The manipulation of the argument myEditor results in cross site scripting. The attack can be launched remotely. The explo...

5.3CVSS0.00289EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/23 9:2 p.m.9 views

CVE-2026-3027

A vulnerability was found in erzhongxmu JEEWMS up to 3.7. This affects an unknown part of the file src/main/webapp/plug-in/ueditor/jsp/getContent.jsp of the component UEditor. The manipulation of the argument myEditor results in cross site scripting. The attack can be launched remotely. The explo...

5.3CVSS4AI score0.00289EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/02/23 9:2 p.m.17 views

CVE-2026-3027

Vulnerability summary (CVE-2026-3027) : In erzhongxmu JEEWMS (up to 3.7), the UEditor component’s file src/main/webapp/plug-in/ueditor/jsp/getContent.jsp is vulnerable. Manipulating the myEditor argument yields a cross-site scripting flaw that can be exploited remotely. Public exploit code exists...

6.1CVSS3.9AI score0.00289EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/02/23 8:2 p.m.28 views

CVE-2026-3026 erzhongxmu JEEWMS UEditor getRemoteImage.jsp server-side request forgery

A vulnerability has been found in erzhongxmu JEEWMS 3.7. Affected by this issue is some unknown functionality of the file /plug-in/ueditor/jsp/getRemoteImage.jsp of the component UEditor. The manipulation of the argument upfile leads to server-side request forgery. The attack can be initiated...

7.5CVSS0.00351EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/23 8:2 p.m.6 views

CVE-2026-3026 erzhongxmu JEEWMS UEditor getRemoteImage.jsp server-side request forgery

A vulnerability has been found in erzhongxmu JEEWMS 3.7. Affected by this issue is some unknown functionality of the file /plug-in/ueditor/jsp/getRemoteImage.jsp of the component UEditor. The manipulation of the argument upfile leads to server-side request forgery. The attack can be initiated...

7.5CVSS5.2AI score0.00351EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/02/23 12:0 a.m.11 views

PT-2026-21560

Name of the Vulnerable Software and Affected Versions erzhongxmu JEEWMS versions up to 3.7 Description A flaw exists in erzhongxmu JEEWMS, specifically within the UEditor component, affecting the file src/main/webapp/plug-in/ueditor/jsp/getContent.jsp. The myEditor argument can be manipulated to...

5.3CVSS3.6AI score0.00289EPSS
Exploits1References6
Rows per page
Query Builder