5 matches found
CVE-2025-60269
JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExportExcelController.java file...
CVE-2022-32119
Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...
PT-2023-12523 · WordPress · Wp Easypay – Square
Name of the Vulnerable Software and Affected Versions: WP EasyPay – Square for WordPress plugin versions up to, and including, 3.2.0 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the wpep download transaction in excel function. Thi...
CVE-2022-32119
Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...
EUVD-2022-53368
Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...