CVE-2025-60269

JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExportExcelController.java file...

EUVD-2025-33755

JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExportExcelController.java file...

CVE-2025-60269

JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExportExcelController.java file...

CVE-2025-60269

JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExportExcelController.java file...

CVE-2025-60269

JEEWMS 20250820 is vulnerable to SQL Injection via the exportXls function in src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExportExcelController.java. The root cause, as described across Red Hat, NVD, CNNVD, CVE lists, is improper handling of input in the exportXls workflow, en...

PT-2025-41576

Name of the Vulnerable Software and Affected Versions JEEWMS version 20250820 Description The software is susceptible to a SQL Injection issue within the exportXls function. This function is located in the file...

CVE-2025-60269

JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExportExcelController.java file...

EUVD-2025-31173

Malicious code in bioql PyPI...

CVE-2025-10981

A vulnerability was detected in JeecgBoot up to 3.8.2. This impacts an unknown function of the file /sys/tenant/exportXls. Performing manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early abo...

CVE-2025-10979

A weakness has been identified in JeecgBoot up to 3.8.2. The impacted element is an unknown function of the file /sys/role/exportXls. This manipulation causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be...

CVE-2025-10981

JeecgBoot up to version 3.8.2 is affected by an improper authorization vulnerability in the /sys/tenant/exportXls function. The issue allows remote manipulation and is evidenced by multiple sources noting a publicly available exploit. Several trackers (NVD, Red Hat, OSV, CVE lists, and PT-Securit...

JeecgBoot 授权问题漏洞

JeecgBoot is a Java low-code platform for enterprise web applications from China National Torch Jeecg. An authorization issue vulnerability exists in JeecgBoot 3.8.2 and prior versions, which stems from an improper authorization in the file /sys/tenant/exportXls, and could be exploited remotely...

CVE-2025-10980

The CVE affects JeecgBoot up to 3.8.2, with an improper authorization flaw in the file /sys/position/exportXls that can be triggered remotely. The issue enables a remote attack and is publicly disclosed. Affected component: /sys/position/exportXls within JeecgBoot; root cause: improper authorizat...

CVE-2025-10979

A weakness has been identified in JeecgBoot up to 3.8.2. The impacted element is an unknown function of the file /sys/role/exportXls. This manipulation causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be...

CVE-2025-10978

A security flaw has been discovered in JeecgBoot up to 3.8.2. The affected element is an unknown function of the file /sys/user/exportXls of the component Filter Handler. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been released to...

CVE-2025-10979 JeecgBoot exportXls improper authorization

A weakness has been identified in JeecgBoot up to 3.8.2. The impacted element is an unknown function of the file /sys/role/exportXls. This manipulation causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be...

JeecgBoot 授权问题漏洞

JeecgBoot is a Java low-code platform for enterprise web applications from China National Torch Jeecg. An authorization issue vulnerability exists in JeecgBoot 3.8.2 and earlier versions, which stems from improper authorization in the file /sys/user/exportXls in the component Filter Handler, whic...