Feminer Wms Security Vulnerabilities and Issues — Feminer Wms CVE List

Lucene search

Feminer Wms ProjectFeminer Wms

5 matches found

CVE•added 2025/02/14 5:15 p.m.•74 views

CVE-2025-25997

Directory Traversal vulnerability in FeMiner wms v.1.0 allows a remote attacker to obtain sensitive information via the databak.php component.

7.5CVSS6.5AI score0.00409EPSS

CVE•added 2025/02/14 5:15 p.m.•67 views

CVE-2025-25992

SQL Injection vulnerability in FeMiner wms 1.0 allows a remote attacker to obtain sensitive information via the inquire_inout_item.php component.

5.1CVSS7.6AI score0.00063EPSS

CVE•added 2025/02/14 5:15 p.m.•67 views

CVE-2025-25993

SQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive information via the parameter "itemid."

5.1CVSS7.6AI score0.00063EPSS

CVE•added 2025/02/14 5:15 p.m.•67 views

CVE-2025-25994

SQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive information via the parameters date1, date2, id.

7.5CVSS7.6AI score0.00107EPSS

CVE•added 2022/05/16 2:15 p.m.•37 views

CVE-2021-42897

A remote command execution (RCE) vulnerability was found in FeMiner wms V1.0 in /wms/src/system/datarec.php. The $_POST[r_name] is directly passed into the $mysqlstr and is executed by exec.

9.8CVSS9.5AI score0.07063EPSS