Jeewms Security Vulnerabilities and Issues — Jeewms CVE List

Lucene search

Huayi-tecJeewms

14 matches found

CVE•added 2025/01/11 11:15 a.m.•86 views

CVE-2025-0392

A vulnerability, which was classified as critical, was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. Affected is the function datagridGraph of the file /graphReportController.do. The manipulation of the argument store_code leads to sql injection. It is possible to launch th...

8.8CVSS6.8AI score0.00054EPSS

CVE•added 2024/12/09 12:15 a.m.•49 views

CVE-2024-12347

A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms up to 1.0.0 and classified as critical. This issue affects some unknown processing of the file /jeewms_war/webpage/system/druid/index.html of the component Druid Monitoring Interface. The manipulation leads to improper autho...

6.9CVSS5.3AI score0.00171EPSS

CVE•added 2025/05/31 7:15 p.m.•48 views

CVE-2025-5389

A vulnerability, which was classified as critical, has been found in JeeWMS up to 20250504. Affected by this issue is the function dogenerateOne2Many of the file /generateController.do?dogenerateOne2Many of the component File Handler. The manipulation leads to improper access controls. The attack m...

9.8CVSS6.4AI score0.00048EPSS

CVE•added 2025/01/11 8:15 a.m.•47 views

CVE-2025-0390

A vulnerability classified as critical was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This vulnerability affects unknown code of the file /wmOmNoticeHController.do. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit ...

7.5CVSS5.6AI score0.00348EPSS

CVE•added 2024/11/28 3:15 p.m.•46 views

CVE-2024-11961

A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affects the function preHandle of the file src/main/java/com/zzjee/wm/controller/WmOmNoticeHController.java. The manipulation of the argument request leads to information dis...

7.5CVSS5.1AI score0.00112EPSS

CVE•added 2025/05/31 7:15 p.m.•44 views

CVE-2025-5390

A vulnerability, which was classified as critical, was found in JeeWMS up to 20250504. This affects the function filedeal of the file /systemController/filedeal.do of the component File Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This...

9.8CVSS6.3AI score0.00048EPSS

CVE•added 2025/05/31 4:15 p.m.•41 views

CVE-2025-5384

A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListController.do?datagrid. The manipulation leads to sql injection. It is possible to initiate the attack remotely. This product takes the appro...

9.8CVSS6.8AI score0.00036EPSS

CVE•added 2024/11/15 6:15 p.m.•40 views

CVE-2024-11251

A vulnerability was found in erzhongxmu Jeewms up to 20241108. It has been rated as critical. This issue affects some unknown processing of the file cgReportController.do of the component AuthInterceptor. The manipulation of the argument begin_date leads to sql injection. The attack may be initiate...

8.8CVSS6.7AI score0.0007EPSS

CVE•added 2025/01/15 12:15 a.m.•40 views

CVE-2024-57761

An arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01 allows attackers to execute arbitrary code via uploading a crafted file.

8.1CVSS7.8AI score0.0012EPSS

CVE•added 2025/05/31 5:15 p.m.•40 views

CVE-2025-5386

A vulnerability was found in JeeWMS up to 20250504. It has been rated as critical. This issue affects the function transEditor of the file /cgformTransController.do?transEditor. The manipulation leads to sql injection. The attack may be initiated remotely. This product does not use versioning. This...

9.8CVSS6.7AI score0.00036EPSS

CVE•added 2025/05/31 6:15 p.m.•40 views

CVE-2025-5387

A vulnerability classified as critical has been found in JeeWMS up to 20250504. Affected is the function dogenerate of the file /generateController.do?dogenerate of the component File Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. This pro...

9.8CVSS6.4AI score0.00048EPSS

CVE•added 2025/05/31 6:15 p.m.•39 views

CVE-2025-5388

A vulnerability classified as critical was found in JeeWMS up to 20250504. Affected by this vulnerability is the function dogenerate of the file /generateController.do?dogenerate. The manipulation leads to sql injection. The attack can be launched remotely. This product takes the approach of rollin...

9.8CVSS7AI score0.00036EPSS

CVE•added 2025/05/31 5:15 p.m.•38 views

CVE-2025-5385

A vulnerability was found in JeeWMS up to 20250504. It has been declared as critical. This vulnerability affects the function doAdd of the file /cgformTemplateController.do?doAdd. The manipulation leads to path traversal. The attack can be initiated remotely. Continious delivery with rolling releas...

9.8CVSS6.4AI score0.00136EPSS

CVE•added 2025/01/11 9:15 a.m.•35 views

CVE-2025-0391

A vulnerability, which was classified as critical, has been found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This issue affects the function saveOrUpdate of the file org/jeecgframework/web/cgform/controller/build/CgFormBuildController. java. The manipulation leads to sql injec...

8.8CVSS6.8AI score0.0007EPSS