Filtered by vendor Jeewms
Subscriptions
Filtered by product Jeewms
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-29213 | 1 Jeewms | 1 Jeewms | 2025-04-25 | 5.5 Medium |
| A zip slip vulnerability in the component \service\migrate\MigrateForm.java of JEEWMS v3.7 allows attackers to execute arbitrary code via a crafted Zip file. | ||||
| CVE-2024-57760 | 1 Jeewms | 1 Jeewms | 2025-04-21 | 6.5 Medium |
| JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.java. | ||||
| CVE-2024-57757 | 1 Jeewms | 1 Jeewms | 2025-04-18 | 7.5 High |
| JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava. | ||||
| CVE-2024-27764 | 1 Jeewms | 1 Jeewms | 2025-01-21 | 9.8 Critical |
| An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component. | ||||
| CVE-2024-27765 | 1 Jeewms | 1 Jeewms | 2025-01-21 | 7.5 High |
| Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain sensitive information via the cgformTemplateController component. | ||||
Page 1 of 1.