Lucene search
K

224 matches found

NVD
NVD
added 2025/05/31 4:15 p.m.11 views

CVE-2025-5384

A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListController.do?datagrid. The manipulation leads to sql injection. It is possible to initiate the attack remotely. This product takes the...

9.8CVSS0.00273EPSS
Exploits0References3
CVE
CVE
added 2025/05/31 4:0 p.m.55 views

CVE-2025-5384

The CVE-2025-5384 vulnerability affects JeeWMS up to version 20250504, targeting the CgAutoListController.do?datagrid function. It enables remote SQL injection due to the underlying vulnerability in CgAutoListController, with no disclosed affected/update release versions in the sources. A practic...

9.8CVSS6.8AI score0.00273EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/31 4:0 p.m.6 views

CVE-2025-5384 JeeWMS cgAutoListController.do CgAutoListController sql injection

A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListController.do?datagrid. The manipulation leads to sql injection. It is possible to initiate the attack remotely. This product takes the...

6.5CVSS6.8AI score0.00273EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/31 4:0 p.m.18 views

CVE-2025-5384 JeeWMS cgAutoListController.do CgAutoListController sql injection

A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListController.do?datagrid. The manipulation leads to sql injection. It is possible to initiate the attack remotely. This product takes the...

6.5CVSS0.00273EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/31 12:0 a.m.5 views

PT-2025-23415 · Jeewms · Jeewms

Name of the Vulnerable Software and Affected Versions: JeeWMS up to 20250504 Description: A critical issue was found in the File Handler component, specifically affecting the filedeal function of the /systemController/filedeal.do file. This leads to improper access controls, allowing remote...

6.5CVSS6.2AI score0.00267EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/05/31 12:0 a.m.7 views

JeeWMS 安全漏洞

JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. A security vulnerability exists in JeeWMS 20250504 and earlier versions, which originates from improper access control in the function filedeal in the file /systemController/filedeal.do...

9.8CVSS6.4AI score0.00267EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/05/31 12:0 a.m.6 views

JeeWMS 注入漏洞

JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. JeeWMS 20250504 and previous versions of injection vulnerability exists, the vulnerability stems from the file /generateController.do?dogenerate function dogenerate SQL injection...

9.8CVSS7.1AI score0.00294EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/05/31 12:0 a.m.4 views

PT-2025-23408 · Jeewms · Jeewms

Name of the Vulnerable Software and Affected Versions: JeeWMS versions up to 20250504 Description: A critical issue was found, affecting the function CgAutoListController of the file "/cgAutoListController.do?datagrid". This issue leads to sql injection and can be initiated remotely. The product...

6.5CVSS6.4AI score0.00273EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/05/31 12:0 a.m.7 views

PT-2025-23409 · Jeewms · Jeewms

Name of the Vulnerable Software and Affected Versions: JeeWMS versions up to 20250504 Description: A critical issue affects the doAdd function of the /cgformTemplateController.do?doAdd API endpoint, leading to path traversal. This can be initiated remotely. Recommendations: For versions up to...

6.5CVSS6.2AI score0.00398EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/05/31 12:0 a.m.5 views

PT-2025-23413 · Jeewms · Jeewms

Name of the Vulnerable Software and Affected Versions: JeeWMS up to 20250504 Description: A critical vulnerability was found in JeeWMS, affecting the dogenerate function of the file "/generateController.do?dogenerate". This vulnerability leads to SQL injection and can be launched remotely...

6.5CVSS6.6AI score0.00294EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/05/31 12:0 a.m.7 views

JeeWMS 安全漏洞

JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. A security vulnerability exists in JeeWMS 20250504 and earlier versions, which originates from improper access control in the function dogenerate in the file /generateController.do?dogenerate...

9.8CVSS6.4AI score0.00287EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/05/31 12:0 a.m.8 views

PT-2025-23414 · Jeewms · Jeewms

Name of the Vulnerable Software and Affected Versions: JeeWMS versions up to 20250504 Description: A critical issue has been found in the function dogenerateOne2Many of the file /generateController.do?dogenerateOne2Many of the component File Handler, leading to improper access controls. The attac...

6.5CVSS6.2AI score0.00287EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/05/31 12:0 a.m.5 views

PT-2025-23412 · Jeewms · Jeewms

Name of the Vulnerable Software and Affected Versions: JeeWMS up to 20250504 Description: A critical issue has been discovered, affecting the dogenerate function of the /generateController.do?dogenerate file in the File Handler component. This leads to improper access controls, allowing remote...

6.5CVSS6.3AI score0.00287EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/05/31 12:0 a.m.8 views

PT-2025-23410 · Jeewms · Jeewms

Name of the Vulnerable Software and Affected Versions: JeeWMS up to 20250504 Description: A critical issue affects the transEditor function of the file "/cgformTransController.do?transEditor". This issue leads to SQL injection and can be initiated remotely. Recommendations: For JeeWMS up to...

6.5CVSS6.7AI score0.00273EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/05/23 9:39 a.m.9 views

CVE-2024-27765

Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain sensitive information via the cgformTemplateController component...

7.5CVSS6.5AI score0.00879EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:38 a.m.6 views

CVE-2024-27764

An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component...

9.8CVSS7.2AI score0.00969EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:54 a.m.8 views

CVE-2024-12347

A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms up to 1.0.0 and classified as critical. This issue affects some unknown processing of the file /jeewmswar/webpage/system/druid/index.html of the component Druid Monitoring Interface. The manipulation leads to improper...

6.9CVSS5.3AI score0.006EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:51 a.m.8 views

CVE-2024-11961

A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affects the function preHandle of the file src/main/java/com/zzjee/wm/controller/WmOmNoticeHController.java. The manipulation of the argument request leads to information...

7.5CVSS7.3AI score0.00858EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:51 a.m.8 views

CVE-2024-11251

A vulnerability was found in erzhongxmu Jeewms up to 20241108. It has been rated as critical. This issue affects some unknown processing of the file cgReportController.do of the component AuthInterceptor. The manipulation of the argument begindate leads to sql injection. The attack may be initiat...

8.8CVSS7.1AI score0.00506EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:4 a.m.8 views

CVE-2024-57757

JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava...

7.5CVSS7.5AI score0.00392EPSS
Exploits1References1
Rows per page
Query Builder