24 matches found
CVE-2026-2864
A vulnerability has been found in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. This affects the function pictureDelete of the file PictureController.java. Such manipulation of the argument picName leads to path traversal. The attack can be launched...
CVE-2026-2864 feng_ha_ha/megagao ssm-erp/production_ssm PictureController.java pictureDelete path traversal
A vulnerability has been found in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. This affects the function pictureDelete of the file PictureController.java. Such manipulation of the argument picName leads to path traversal. The attack can be launched...
CVE-2026-2864
CVE-2026-2864 affects feng_ha_ha/megagao ssm-erp and production_ssm up to a certain commit. The vulnerability lies in the function pictureDelete of PictureController.java, where manipulating the argument picName enables path traversal. The issue can be exploited remotely and the public exploit is...
CVE-2026-2864
A vulnerability has been found in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. This affects the function pictureDelete of the file PictureController.java. Such manipulation of the argument picName leads to path traversal. The attack can be launched...
CVE-2026-2864 feng_ha_ha/megagao ssm-erp/production_ssm PictureController.java pictureDelete path traversal
A vulnerability has been found in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. This affects the function pictureDelete of the file PictureController.java. Such manipulation of the argument picName leads to path traversal. The attack can be launched...
CVE-2026-2863 feng_ha_ha/megagao ssm-erp/production_ssm FileServiceImpl.java deleteFile path traversal
A flaw has been found in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. The impacted element is the function deleteFile of the file FileServiceImpl.java. This manipulation causes path traversal. The attack can be initiated remotely. The exploit has been...
CVE-2026-2863
The CVE-2026-2863 entry describes a path-traversal vulnerability in the deleteFile function of FileServiceImpl.java within feng_ha_ha/megagao ssm-erp and production_ssm (up to a specific commit). Remote exploitability is stated, with a published exploit and continuous delivery practices noted. Pu...
CVE-2026-2863 feng_ha_ha/megagao ssm-erp/production_ssm FileServiceImpl.java deleteFile path traversal
A flaw has been found in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. The impacted element is the function deleteFile of the file FileServiceImpl.java. This manipulation causes path traversal. The attack can be initiated remotely. The exploit has been...
CVE-2026-2860
A security vulnerability has been detected in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted is an unknown function of the file EmployeeController.java. The manipulation leads to improper authorization. It is possible to initiate the attack...
CVE-2026-2860 feng_ha_ha/megagao ssm-erp/production_ssm EmployeeController.java improper authorization
A security vulnerability has been detected in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted is an unknown function of the file EmployeeController.java. The manipulation leads to improper authorization. It is possible to initiate the attack...
ssm-erp和production_ssm 路径遍历漏洞
productionssm is an ERP system developed by MegaGao’s individual developers using Spring+SpringMVC+Mybatis and jQuery EasyUI. ssm-erp is a production management ERP system developed by fenghaha’s individual developers. Both ssm-erp and productionssm have a path traversal vulnerability in versions...
EUVD-2025-14330
Malicious code in bioql PyPI...
EUVD-2025-15427
Malicious code in bioql PyPI...
CVE-2025-4768
A vulnerability classified as critical has been found in fenghaha/megagao ssm-erp and productionssm 1.0. This affects the function uploadPicture of the file PictureServiceImpl.java. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely...
CVE-2025-4768
CVE-2025-4768 affects feng_ha_ha/megagao ssm-erp and production_ssm 1.0. The vulnerability exists in the function uploadPicture within PictureServiceImpl.java , where manipulation of the argument File enables an unrestricted upload. Exploitation can be initiated remotely, and the exploit has been...
CVE-2025-4768 feng_ha_ha/megagao ssm-erp/production_ssm PictureServiceImpl.java uploadPicture unrestricted upload
A vulnerability classified as critical has been found in fenghaha/megagao ssm-erp and productionssm 1.0. This affects the function uploadPicture of the file PictureServiceImpl.java. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely...
ssm-erp 代码问题漏洞
ssm-erp is a production management ERP system by fenghaha individual developer. A code issue vulnerability exists in ssm-erp version 1.0, which stems from the incorrect operation of the parameter File in the file PictureServiceImpl.java resulting in unlimited uploads...
CVE-2025-4530
A vulnerability was found in fenghaha/megagao ssm-erp and productionssm 1.0. It has been declared as problematic. Affected by this vulnerability is the function handleFileDownload of the file FileController.java of the component File Handler. The manipulation leads to path traversal. The attack c...
CVE-2025-4530 feng_ha_ha/megagao ssm-erp/production_ssm File FileController.java handleFileDownload path traversal
A vulnerability was found in fenghaha/megagao ssm-erp and productionssm 1.0. It has been declared as problematic. Affected by this vulnerability is the function handleFileDownload of the file FileController.java of the component File Handler. The manipulation leads to path traversal. The attack c...
CVE-2025-4530 feng_ha_ha/megagao ssm-erp/production_ssm File FileController.java handleFileDownload path traversal
A vulnerability was found in fenghaha/megagao ssm-erp and productionssm 1.0. It has been declared as problematic. Affected by this vulnerability is the function handleFileDownload of the file FileController.java of the component File Handler. The manipulation leads to path traversal. The attack c...