Lucene search
K

224 matches found

NVD
NVD
added 2024/03/05 11:15 p.m.12 views

CVE-2024-27764

An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component...

9.8CVSS6.8AI score0.00969EPSS
Exploits1References1
Prion
Prion
added 2024/03/05 11:15 p.m.16 views

Design/Logic Flaw

An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component...

7.5AI score0.00969EPSS
Exploits1References1
Prion
Prion
added 2024/03/05 11:15 p.m.25 views

Directory traversal

Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain sensitive information via the cgformTemplateController component...

6.7AI score0.00879EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/03/05 12:0 a.m.26 views

CVE-2024-27765

Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain sensitive information via the cgformTemplateController component...

6.3AI score0.00879EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/03/05 12:0 a.m.7 views

JeeWMS Security Vulnerabilities

JeeWMS is JeeWMS open source a JAVA-based warehouse management system . JeeWMS v.3.7 and earlier versions of a security vulnerability , the vulnerability stems from allowing remote attackers to obtain sensitive information through the cgformTemplateController component...

7.5CVSS6.5AI score0.00879EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/03/05 12:0 a.m.11 views

CVE-2024-27764

An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component...

7.2AI score0.00969EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.4 views

PT-2024-22028 · Jeewms · Jeewms

Name of the Vulnerable Software and Affected Versions: Jeewms versions 3.7 and earlier Description: A Directory Traversal issue allows a remote attacker to obtain sensitive information via the cgformTemplateController component. Recommendations: For Jeewms versions 3.7 and earlier, at the moment,...

7.5CVSS6.7AI score0.00879EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/03/05 12:0 a.m.11 views

CVE-2024-27765

Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain sensitive information via the cgformTemplateController component...

6.4AI score0.00879EPSS
Exploits1References1
CVE
CVE
added 2024/03/05 12:0 a.m.50 views

CVE-2024-27764

Jeewms v3.7 and earlier are affected by a privilege-escalation issue through the AuthInterceptor component. Public documents consistently state remote attackers can escalate privileges, implying impact to confidentiality, integrity, and availability as per CVSS v3.1 metrics (CRITICAL, AV:N, AC:L,...

9.8CVSS7.1AI score0.00969EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/03/05 12:0 a.m.5 views

JeeWMS Security Vulnerabilities

JeeWMS is JeeWMS open source a JAVA-based warehouse management system . JeeWMS v.3.7 and earlier versions of a security vulnerability , the vulnerability stems from allowing remote attackers to escalate privileges through the AuthInterceptor component...

9.8CVSS7AI score0.00969EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/03/05 12:0 a.m.16 views

CVE-2024-27764

An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component...

7.1AI score0.00969EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.9 views

PT-2024-22027 · Jeewms · Jeewms

Name of the Vulnerable Software and Affected Versions: Jeewms versions 3.7 and earlier Description: The issue allows a remote attacker to escalate privileges via the AuthInterceptor component. Recommendations: For Jeewms versions 3.7 and earlier, at the moment, there is no information about a new...

9.8CVSS7.2AI score0.00969EPSS
Exploits1References3
CVE
CVE
added 2024/03/05 12:0 a.m.59 views

CVE-2024-27765

CVE-2024-27765 affects Jeewms versions 3.7 and earlier. Affected component: the cgformTemplateController, with a directory traversal vulnerability that allows a remote attacker to obtain sensitive information. Root cause is a directory traversal issue in the controller. Documented impact indicate...

7.5CVSS6.3AI score0.00879EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2021/07/20 12:0 a.m.12 views

XML Entity Injection Vulnerability in jeewms

jeewms is led by Linglu Valley Technology open source project , JAVA-based warehouse management system support for self- and third-party , including PDA side and WEB side . jeewms there is an XML entity injection vulnerability , an attacker can use the vulnerability to read the server file...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/07/20 12:0 a.m.10 views

SQL injection vulnerability in jeewms (CNVD-2021-57222)

jeewms is led by Linglu Valley Technology open source project , JAVA-based warehouse management system support for self- and third-party , including PDA side and WEB side . jeewms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive database information...

7.6AI score
Exploits0
CNVD
CNVD
added 2021/07/07 12:0 a.m.13 views

JEEWMS suffers from a file upload vulnerability (CNVD-2021-51493)

JEEWMS JAVA-based warehouse management system support for self-support and third-party, including PDA side and WEB side. JEEWMS has a file upload vulnerability that can be exploited by an attacker to gain control of the server...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/07/06 12:0 a.m.10 views

SQL injection vulnerability in jeewms (CNVD-2021-51413)

jeewms is led by Linglu Valley Technology open source project , JAVA-based warehouse management system support for self- and third-party , including PDA side and WEB side . jeewms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive database information...

7.6AI score
Exploits0
CNVD
CNVD
added 2021/07/06 12:0 a.m.15 views

File upload vulnerability in jeewms (CNVD-2021-51414)

jeewms is led by Linglu Valley Technology open source project , JAVA-based warehouse management system support for self- and third-party , including PDA side and WEB side . jeewms file upload vulnerability , attackers can upload malicious files through the vulnerability , control the server...

7.2AI score
Exploits0
CNVD
CNVD
added 2021/07/02 12:0 a.m.21 views

File upload vulnerability in jeewms (CNVD-2021-49574)

jeewms is led by Linglu Valley Technology open source project , JAVA-based warehouse management system support for self- and third-party , including PDA side and WEB side . jeewms file upload vulnerability , attackers can use the vulnerability to obtain server privileges...

7.1AI score
Exploits0
CNVD
CNVD
added 2021/07/01 12:0 a.m.7 views

File upload vulnerability in jeewms (CNVD-2021-49598)

jeewms is led by Linglu Valley Technology open source project , JAVA-based warehouse management system support for self- and third-party , including PDA side and WEB side . jeewms file upload vulnerability , attackers can use the vulnerability to obtain server privileges...

7.1AI score
Exploits0
Rows per page
Query Builder