224 matches found
CVE-2024-27764
An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component...
Design/Logic Flaw
An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component...
Directory traversal
Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain sensitive information via the cgformTemplateController component...
CVE-2024-27765
Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain sensitive information via the cgformTemplateController component...
JeeWMS Security Vulnerabilities
JeeWMS is JeeWMS open source a JAVA-based warehouse management system . JeeWMS v.3.7 and earlier versions of a security vulnerability , the vulnerability stems from allowing remote attackers to obtain sensitive information through the cgformTemplateController component...
CVE-2024-27764
An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component...
PT-2024-22028 · Jeewms · Jeewms
Name of the Vulnerable Software and Affected Versions: Jeewms versions 3.7 and earlier Description: A Directory Traversal issue allows a remote attacker to obtain sensitive information via the cgformTemplateController component. Recommendations: For Jeewms versions 3.7 and earlier, at the moment,...
CVE-2024-27765
Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain sensitive information via the cgformTemplateController component...
CVE-2024-27764
Jeewms v3.7 and earlier are affected by a privilege-escalation issue through the AuthInterceptor component. Public documents consistently state remote attackers can escalate privileges, implying impact to confidentiality, integrity, and availability as per CVSS v3.1 metrics (CRITICAL, AV:N, AC:L,...
JeeWMS Security Vulnerabilities
JeeWMS is JeeWMS open source a JAVA-based warehouse management system . JeeWMS v.3.7 and earlier versions of a security vulnerability , the vulnerability stems from allowing remote attackers to escalate privileges through the AuthInterceptor component...
CVE-2024-27764
An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component...
PT-2024-22027 · Jeewms · Jeewms
Name of the Vulnerable Software and Affected Versions: Jeewms versions 3.7 and earlier Description: The issue allows a remote attacker to escalate privileges via the AuthInterceptor component. Recommendations: For Jeewms versions 3.7 and earlier, at the moment, there is no information about a new...
CVE-2024-27765
CVE-2024-27765 affects Jeewms versions 3.7 and earlier. Affected component: the cgformTemplateController, with a directory traversal vulnerability that allows a remote attacker to obtain sensitive information. Root cause is a directory traversal issue in the controller. Documented impact indicate...
XML Entity Injection Vulnerability in jeewms
jeewms is led by Linglu Valley Technology open source project , JAVA-based warehouse management system support for self- and third-party , including PDA side and WEB side . jeewms there is an XML entity injection vulnerability , an attacker can use the vulnerability to read the server file...
SQL injection vulnerability in jeewms (CNVD-2021-57222)
jeewms is led by Linglu Valley Technology open source project , JAVA-based warehouse management system support for self- and third-party , including PDA side and WEB side . jeewms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive database information...
JEEWMS suffers from a file upload vulnerability (CNVD-2021-51493)
JEEWMS JAVA-based warehouse management system support for self-support and third-party, including PDA side and WEB side. JEEWMS has a file upload vulnerability that can be exploited by an attacker to gain control of the server...
SQL injection vulnerability in jeewms (CNVD-2021-51413)
jeewms is led by Linglu Valley Technology open source project , JAVA-based warehouse management system support for self- and third-party , including PDA side and WEB side . jeewms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive database information...
File upload vulnerability in jeewms (CNVD-2021-51414)
jeewms is led by Linglu Valley Technology open source project , JAVA-based warehouse management system support for self- and third-party , including PDA side and WEB side . jeewms file upload vulnerability , attackers can upload malicious files through the vulnerability , control the server...
File upload vulnerability in jeewms (CNVD-2021-49574)
jeewms is led by Linglu Valley Technology open source project , JAVA-based warehouse management system support for self- and third-party , including PDA side and WEB side . jeewms file upload vulnerability , attackers can use the vulnerability to obtain server privileges...
File upload vulnerability in jeewms (CNVD-2021-49598)
jeewms is led by Linglu Valley Technology open source project , JAVA-based warehouse management system support for self- and third-party , including PDA side and WEB side . jeewms file upload vulnerability , attackers can use the vulnerability to obtain server privileges...