CVE-2025-0391

CVE-2025-0391 affects Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. The issue is a SQL injection in the function saveOrUpdate within org/jeecgframework/web/cgform/controller/build/CgFormBuildController.java, enabling remote exploitation. Public exploit/public disclosure is indicat...

TCCMSV9.0 最新版多处sql注入(GPC 条件）

简要描述： RT 详细说明： 在app/controller/news.class.php中 public function saveOrUpdate $this-userIsLogin ; $powerObj = M'power'; $groupObj = M'group'; $fieldObj = M"field"; $Obj = M$this-objName; $newsObj = M"content"; $msgObj = new Msg; //栏目发布权限判断 $userGroupId = $powerObj-getUserGroupId;...