4 matches found
CVE-2025-7566
A vulnerability has been found in jshERP up to 3.5 and classified as critical. This vulnerability affects the function exportExcelByParam of the file /src/main/java/com/jsh/erp/controller/SystemConfigController.java. The manipulation of the argument Title leads to path traversal. The attack can b...
CVE-2025-7566 jshERP SystemConfigController.java exportExcelByParam path traversal
A vulnerability has been found in jshERP up to 3.5 and classified as critical. This vulnerability affects the function exportExcelByParam of the file /src/main/java/com/jsh/erp/controller/SystemConfigController.java. The manipulation of the argument Title leads to path traversal. The attack can b...
CVE-2025-7566
CVE-2025-7566 affects jshERP up to version 3.5. The vulnerability is in the function exportExcelByParam within SystemConfigController.java, where manipulation of the Title argument leads to path traversal. Several sources (NVD, Red Hat, OSV, CVE lists, and PT-Security) indicate remote exploitatio...
PT-2025-29413 · Jsherp · Jsherp
Name of the Vulnerable Software and Affected Versions: jshERP versions up to 3.5 Description: A critical issue exists in jshERP that allows for path traversal. The exportExcelByParam function within the /src/main/java/com/jsh/erp/controller/SystemConfigController.java file is affected. Manipulati...