CVE-2025-55371

Incorrect access control in the component /controller/PersonController.java of jshERP v3.5 allows unauthorized attackers to obtain all the information of the handler by executing the getAllList method...

PT-2025-34223 · Jsherp · Jsherp

Name of the Vulnerable Software and Affected Versions: jshERP version 3.5 Description: An incorrect access control issue exists in the /controller/PersonController.java component of jshERP version 3.5. This allows unauthorized attackers to obtain all information of the handler by executing the...

Huaxia ERP Information Disclosure Vulnerability

Huaxia ERP is an ERP software from Huaxia, China. An information disclosure vulnerability exists in Huaxia ERP 3.1 and earlier versions, which originates in the file /user/getAllList and can lead to information disclosure...

PT-2024-15607 · Unknown · Huaxia Erp

Name of the Vulnerable Software and Affected Versions: Huaxia ERP versions up to 3.1 Description: A problematic issue affects some unknown processing of the file /user/getAllList, leading to information disclosure. The attack may be initiated remotely. Recommendations: For Huaxia ERP versions up ...