CVE-2026-2864
- EPSS 0.05%
- Veröffentlicht 21.02.2026 07:32:07
- Zuletzt bearbeitet 23.02.2026 18:13:53
A vulnerability has been found in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. This affects the function pictureDelete of the file PictureController.java. Such manipulation of the argument picName lead...
CVE-2026-2863
- EPSS 0.07%
- Veröffentlicht 21.02.2026 06:02:09
- Zuletzt bearbeitet 23.02.2026 18:13:53
A flaw has been found in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. The impacted element is the function deleteFile of the file FileServiceImpl.java. This manipulation causes path traversal. The atta...
CVE-2026-2860
- EPSS 0.04%
- Veröffentlicht 21.02.2026 04:32:06
- Zuletzt bearbeitet 23.02.2026 18:13:53
A security vulnerability has been detected in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted is an unknown function of the file EmployeeController.java. The manipulation leads to improper author...
CVE-2025-45617
- EPSS 0.28%
- Veröffentlicht 05.05.2025 00:00:00
- Zuletzt bearbeitet 17.10.2025 15:03:05
Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload.