Huayi-tec

Jeewms

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-5385

  • EPSS 0.18%
  • Veröffentlicht 31.05.2025 16:31:06
  • Zuletzt bearbeitet 11.09.2025 20:43:47

A vulnerability was found in JeeWMS up to 20250504. It has been declared as critical. This vulnerability affects the function doAdd of the file /cgformTemplateController.do?doAdd. The manipulation leads to path traversal. The attack can be initiated ...

9.8

CVE-2025-5384

  • EPSS 0.04%
  • Veröffentlicht 31.05.2025 16:00:09
  • Zuletzt bearbeitet 11.09.2025 20:43:49

A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListController.do?datagrid. The manipulation leads to sql injection. It is possible to initiate ...

8.1

CVE-2024-57761

Exploit
  • EPSS 0.22%
  • Veröffentlicht 15.01.2025 00:15:33
  • Zuletzt bearbeitet 11.09.2025 21:13:03

An arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01 allows attackers to execute arbitrary code via uploading a crafted file.

8.8

CVE-2025-0392

Exploit
  • EPSS 0.11%
  • Veröffentlicht 11.01.2025 11:15:06
  • Zuletzt bearbeitet 11.09.2025 20:46:00

A vulnerability, which was classified as critical, was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. Affected is the function datagridGraph of the file /graphReportController.do. The manipulation of the argument store_code le...

8.8

CVE-2025-0391

Exploit
  • EPSS 0.15%
  • Veröffentlicht 11.01.2025 09:15:05
  • Zuletzt bearbeitet 11.09.2025 20:52:18

A vulnerability, which was classified as critical, has been found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This issue affects the function saveOrUpdate of the file org/jeecgframework/web/cgform/controller/build/CgFormBuildCont...

7.5

CVE-2025-0390

Exploit
  • EPSS 0.25%
  • Veröffentlicht 11.01.2025 08:15:26
  • Zuletzt bearbeitet 11.09.2025 21:00:01

A vulnerability classified as critical was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This vulnerability affects unknown code of the file /wmOmNoticeHController.do. The manipulation leads to path traversal: '../filedir'. T...

6.9

CVE-2024-12347

  • EPSS 0.34%
  • Veröffentlicht 09.12.2024 00:15:04
  • Zuletzt bearbeitet 11.09.2025 21:07:02

A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms up to 1.0.0 and classified as critical. This issue affects some unknown processing of the file /jeewms_war/webpage/system/druid/index.html of the component Druid Monitoring In...

7.5

CVE-2024-11961

Exploit
  • EPSS 0.07%
  • Veröffentlicht 28.11.2024 15:15:18
  • Zuletzt bearbeitet 11.12.2024 19:59:30

A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affects the function preHandle of the file src/main/java/com/zzjee/wm/controller/WmOmNoticeHController.java. The manipulation...

8.8

CVE-2024-11251

Exploit
  • EPSS 0.08%
  • Veröffentlicht 15.11.2024 18:15:26
  • Zuletzt bearbeitet 11.09.2025 21:03:09

A vulnerability was found in erzhongxmu Jeewms up to 20241108. It has been rated as critical. This issue affects some unknown processing of the file cgReportController.do of the component AuthInterceptor. The manipulation of the argument begin_date l...