5 matches found
CVE-2025-52130
File upload vulnerability in WebErpMesv2 1.17 in the app/Http/Controllers/FactoryController.php controller. This flaw allows an authenticated attacker to upload arbitrary files, including PHP scripts, which can be accessed via direct GET requests, potentially resulting in remote code execution RC...
CVE-2025-52130
File upload vulnerability in WebErpMesv2 1.17 in the app/Http/Controllers/FactoryController.php controller. This flaw allows an authenticated attacker to upload arbitrary files, including PHP scripts, which can be accessed via direct GET requests, potentially resulting in remote code execution RC...
WebErpMesv2 安全漏洞
WebErpMesv2 is an industry-oriented web system for resource management and manufacturing by Kevin Personal Developer. A security vulnerability exists in WebErpMesv2 version 1.17, which stems from a flaw in the FactoryController.php controller file upload function that could lead to remote code...
PT-2025-34700
Name of the Vulnerable Software and Affected Versions: WebErpMesv2 version 1.17 Description: A file upload vulnerability exists in the app/Http/Controllers/FactoryController.php controller. An authenticated attacker can upload arbitrary files, including PHP scripts. These files are accessible via...
CVE-2025-52130
CVE-2025-52130 is a file upload vulnerability in WebErpMesv2 prior to 1.19 (FactoryController.php in 1.17). An authenticated attacker can upload arbitrary files, including PHP scripts, which can be accessed via direct GET requests and may lead to Remote Code Execution (RCE). Related advisories (R...