224 matches found
CVE-2025-5384
A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListController.do?datagrid. The manipulation leads to sql injection. It is possible to initiate the attack remotely. This product takes the...
CVE-2025-5384
The CVE-2025-5384 vulnerability affects JeeWMS up to version 20250504, targeting the CgAutoListController.do?datagrid function. It enables remote SQL injection due to the underlying vulnerability in CgAutoListController, with no disclosed affected/update release versions in the sources. A practic...
CVE-2025-5384 JeeWMS cgAutoListController.do CgAutoListController sql injection
A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListController.do?datagrid. The manipulation leads to sql injection. It is possible to initiate the attack remotely. This product takes the...
CVE-2025-5384 JeeWMS cgAutoListController.do CgAutoListController sql injection
A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListController.do?datagrid. The manipulation leads to sql injection. It is possible to initiate the attack remotely. This product takes the...
PT-2025-23415 · Jeewms · Jeewms
Name of the Vulnerable Software and Affected Versions: JeeWMS up to 20250504 Description: A critical issue was found in the File Handler component, specifically affecting the filedeal function of the /systemController/filedeal.do file. This leads to improper access controls, allowing remote...
JeeWMS 安全漏洞
JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. A security vulnerability exists in JeeWMS 20250504 and earlier versions, which originates from improper access control in the function filedeal in the file /systemController/filedeal.do...
JeeWMS 注入漏洞
JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. JeeWMS 20250504 and previous versions of injection vulnerability exists, the vulnerability stems from the file /generateController.do?dogenerate function dogenerate SQL injection...
PT-2025-23408 · Jeewms · Jeewms
Name of the Vulnerable Software and Affected Versions: JeeWMS versions up to 20250504 Description: A critical issue was found, affecting the function CgAutoListController of the file "/cgAutoListController.do?datagrid". This issue leads to sql injection and can be initiated remotely. The product...
PT-2025-23409 · Jeewms · Jeewms
Name of the Vulnerable Software and Affected Versions: JeeWMS versions up to 20250504 Description: A critical issue affects the doAdd function of the /cgformTemplateController.do?doAdd API endpoint, leading to path traversal. This can be initiated remotely. Recommendations: For versions up to...
PT-2025-23413 · Jeewms · Jeewms
Name of the Vulnerable Software and Affected Versions: JeeWMS up to 20250504 Description: A critical vulnerability was found in JeeWMS, affecting the dogenerate function of the file "/generateController.do?dogenerate". This vulnerability leads to SQL injection and can be launched remotely...
JeeWMS 安全漏洞
JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. A security vulnerability exists in JeeWMS 20250504 and earlier versions, which originates from improper access control in the function dogenerate in the file /generateController.do?dogenerate...
PT-2025-23414 · Jeewms · Jeewms
Name of the Vulnerable Software and Affected Versions: JeeWMS versions up to 20250504 Description: A critical issue has been found in the function dogenerateOne2Many of the file /generateController.do?dogenerateOne2Many of the component File Handler, leading to improper access controls. The attac...
PT-2025-23412 · Jeewms · Jeewms
Name of the Vulnerable Software and Affected Versions: JeeWMS up to 20250504 Description: A critical issue has been discovered, affecting the dogenerate function of the /generateController.do?dogenerate file in the File Handler component. This leads to improper access controls, allowing remote...
PT-2025-23410 · Jeewms · Jeewms
Name of the Vulnerable Software and Affected Versions: JeeWMS up to 20250504 Description: A critical issue affects the transEditor function of the file "/cgformTransController.do?transEditor". This issue leads to SQL injection and can be initiated remotely. Recommendations: For JeeWMS up to...
CVE-2024-27765
Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain sensitive information via the cgformTemplateController component...
CVE-2024-27764
An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component...
CVE-2024-12347
A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms up to 1.0.0 and classified as critical. This issue affects some unknown processing of the file /jeewmswar/webpage/system/druid/index.html of the component Druid Monitoring Interface. The manipulation leads to improper...
CVE-2024-11961
A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affects the function preHandle of the file src/main/java/com/zzjee/wm/controller/WmOmNoticeHController.java. The manipulation of the argument request leads to information...
CVE-2024-11251
A vulnerability was found in erzhongxmu Jeewms up to 20241108. It has been rated as critical. This issue affects some unknown processing of the file cgReportController.do of the component AuthInterceptor. The manipulation of the argument begindate leads to sql injection. The attack may be initiat...
CVE-2024-57757
JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava...