Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/05/15 1:57 a.m.8 views

CVE-2026-37430

An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file...

7.3CVSS6.2AI score0.00284EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 6:30 p.m.8 views

EUVD-2026-29949

An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file...

6.2AI score0.00284EPSS
Exploits0References3
NVD
NVD
added 2026/05/13 2:17 p.m.7 views

CVE-2026-37430

An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file...

7.3CVSS0.00284EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.10 views

PT-2026-40606

An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file...

6.2AI score0.00284EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/13 12:0 a.m.8 views

CVE-2026-37430

An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file...

6.2AI score0.00284EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/13 12:0 a.m.8 views

CVE-2026-37429

qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysUserMapper.xml file. This vulnerability allows attackers to access sensitive database information, including users' Personally Identifiable Information PII via a crafted SQL...

5.8AI score0.00275EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 12:0 a.m.36 views

CVE-2026-37430

An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file...

0.00284EPSS
Exploits0References2
CVE
CVE
added 2026/05/13 12:0 a.m.10 views

CVE-2026-37430

The vulnerability CVE-2026-37430 affects the qihang-wms project, specifically the ShopOrderImportController.java component (commit 75c15a). An arbitrary file upload flaw allows an attacker to execute arbitrary code by uploading a crafted file. The reported CVSS v3.1 base score is 7.3 (HIGH) with ...

7.3CVSS6.2AI score0.00284EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/13 12:0 a.m.5 views

CVE-2026-37430

An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file...

6.2AI score0.00284EPSS
Exploits0References3
Rows per page
Query Builder