CVE-2026-1062
- EPSS 0.02%
- Veröffentlicht 17.01.2026 19:32:05
- Zuletzt bearbeitet 08.03.2026 01:31:35
A flaw has been found in xiweicheng TMS up to 2.28.0. This affects the function Summary of the file src/main/java/com/lhjz/portal/util/HtmlUtil.java. This manipulation of the argument url causes server-side request forgery. It is possible to initiate...
CVE-2026-1061
- EPSS 0.02%
- Veröffentlicht 17.01.2026 19:15:51
- Zuletzt bearbeitet 08.03.2026 01:34:33
A vulnerability was detected in xiweicheng TMS up to 2.28.0. Affected by this issue is the function Upload of the file src/main/java/com/lhjz/portal/controller/FileController.java. The manipulation of the argument filename results in unrestricted upl...
CVE-2025-14801
- EPSS 0.04%
- Veröffentlicht 17.12.2025 02:02:06
- Zuletzt bearbeitet 08.03.2026 01:17:58
A security vulnerability has been detected in xiweicheng TMS up to 2.28.0. This affects the function createComment of the file /admin/blog/comment/create. Such manipulation of the argument content leads to cross site scripting. The attack may be perf...