
12 matches found

CNNVD
added 2026/04/07 12:0 a.m., 8 views

production_ssm security vulnerability

production_ssm is an ERP system developed by the individual developer MegaGao, using Spring+SpringMVC+Mybatis and jQuery EasyUI. Version 1.0 of production_ssm contains a security vulnerability. This vulnerability stems from the authorization bypass that occurs when...

CVSS 9.8, AI score 5.8, EPSS 0.00554
Exploits: 0, References: 1
Cvelist
added 2026/02/21 7:32 a.m., 25 views

CVE-2026-2864 feng_ha_ha/megagao ssm-erp/production_ssm PictureController.java pictureDelete path traversal

A vulnerability has been found in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. This affects the function pictureDelete of the file PictureController.java. Such manipulation of the argument picName leads to path traversal. The attack can be launched...

CVSS 5.5, EPSS 0.00304
Exploits: 0, References: 5
ATTACKERKB
added 2026/02/21 7:32 a.m., 4 views

CVE-2026-2864

A vulnerability has been found in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. This affects the function pictureDelete of the file PictureController.java. Such manipulation of the argument picName leads to path traversal. The attack can be launched...

CVSS 5.5, AI score 5.3, EPSS 0.00304
Exploits: 0, References: 5
Vulnrichment
added 2026/02/21 7:32 a.m., 4 views

CVE-2026-2864 feng_ha_ha/megagao ssm-erp/production_ssm PictureController.java pictureDelete path traversal

A vulnerability has been found in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. This affects the function pictureDelete of the file PictureController.java. Such manipulation of the argument picName leads to path traversal. The attack can be launched...

CVSS 5.5, AI score 5.4, EPSS 0.00304
Exploits: 0, References: 5
Vulnrichment
added 2026/02/21 6:2 a.m., 5 views

CVE-2026-2863 feng_ha_ha/megagao ssm-erp/production_ssm FileServiceImpl.java deleteFile path traversal

A flaw has been found in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. The impacted element is the function deleteFile of the file FileServiceImpl.java. This manipulation causes path traversal. The attack can be initiated remotely. The exploit has been...

CVSS 5.5, AI score 5.4, EPSS 0.00369
Exploits: 0, References: 5
CNNVD
added 2026/02/21 12:0 a.m., 5 views

ssm-erp and production_ssm path traversal vulnerability

production_ssm is an ERP system developed by the individual developer MegaGao using Spring+SpringMVC+Mybatis and jQuery EasyUI. ssm-erp is a production management ERP system developed by the individual developer feng_ha_ha. Both ssm-erp and production_ssm have a path traversal vulnerability in versions...

CVSS 5.5, AI score 6.1, EPSS 0.00369
Exploits: 0, References: 5
CNNVD
added 2026/02/21 12:0 a.m., 5 views

production_ssm path traversal vulnerability

production_ssm is an ERP system developed by the individual developer MegaGao, using Spring+SpringMVC+Mybatis and jQuery EasyUI. Version 4288d53bd35757b27f2d070057aefb2c07bdd097 and earlier versions of production_ssm have a path traversal vulnerability. This...

CVSS 5.5, AI score 6.1, EPSS 0.00304
Exploits: 0, References: 5
Vulnrichment
added 2025/05/11 5:0 a.m., 4 views

CVE-2025-4530 feng_ha_ha/megagao ssm-erp/production_ssm File FileController.java handleFileDownload path traversal

A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm 1.0. It has been declared as problematic. Affected by this vulnerability is the function handleFileDownload of the file FileController.java of the component File Handler. The manipulation leads to path traversal. The attack c...

CVSS 5.3, AI score 6.9, EPSS 0.00386
Exploits: 0, References: 4
RedhatCVE
added 2025/05/07 12:24 a.m., 15 views

CVE-2025-45617

Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload...

CVSS 7.5, AI score 6.4, EPSS 0.00309
Exploits: 1, References: 1
OSV
added 2025/05/05 8:15 p.m., 2 views

CVE-2025-45617

Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload...

CVSS 7.5, AI score 5.7, EPSS 0.00309
Exploits: 1, References: 1
NVD
added 2025/05/05 8:15 p.m., 6 views

CVE-2025-45617

Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload...

CVSS 7.5, EPSS 0.00309
Exploits: 1, References: 1
CNNVD
added 2025/05/05 12:0 a.m., 1 views

production_ssm security vulnerability

production_ssm is an ERP system built with SSM (Spring+SpringMVC+Mybatis) and jQuery EasyUI by the individual developer MegaGao. A security vulnerability exists in production_ssm version v0.0.1, which stems from improper access control of the component /user/list, which could lead to access to sensitive...

CVSS 7.5, AI score 6.7, EPSS 0.00309
Exploits: 1, References: 1