threat
engine
.sh
Back
·
··:··
Home
/
Product
/
huayi tec jeewms
Product
huayi tec jeewms
28 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-3028
<= 3.7
A vulnerability was determined in erzhongxmu JEEWMS up to 3.7. This vulnerability affects the function doAdd of the file src/main/
4.3
MEDIUM
CVE-2026-3027
>= 3.2 and <= 3.7
A vulnerability was found in erzhongxmu JEEWMS up to 3.7. This affects an unknown part of the file src/main/webapp/plug-in/ueditor
4.3
MEDIUM
CVE-2026-3026
<= 3.7
A vulnerability has been found in erzhongxmu JEEWMS 3.7. Affected by this issue is some unknown functionality of the file /plug-in
7.3
HIGH
CVE-2025-70311
all versions
JEEWMS 1.0 is vulnerable to SQL Injection. Attackers can inject malicious SQL statements through the id1 and id2 parameters in the
6.5
MEDIUM
CVE-2025-60268
all versions
An arbitrary file upload vulnerability exists in JeeWMS 20250820, which is caused by the lack of file checking in the saveFiles fu
6.5
MEDIUM
CVE-2025-60269
all versions
JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgrep
9.4
CRITICAL
CVE-2025-55834
<= 3.7
A Cross Site Scripting vulnerability in JeeWMS v.3.7 and before allows a remote attacker to obtain sensitive information via the l
6.1
MEDIUM
CVE-2024-53499
all versions
Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API.
9.8
CRITICAL
CVE-2025-50901
all versions
JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 (2025-05-19) contains incorrect authentication bypass vulnerability, which can lea
9.8
CRITICAL
CVE-2025-5390
<= 2025-05-04
A vulnerability, which was classified as critical, was found in JeeWMS up to 20250504. This affects the function filedeal of the f
6.3
MEDIUM
CVE-2025-5389
<= 2025-05-04
A vulnerability, which was classified as critical, has been found in JeeWMS up to 20250504. Affected by this issue is the function
6.3
MEDIUM
CVE-2025-5388
<= 2025-05-04
A vulnerability classified as critical was found in JeeWMS up to 20250504. Affected by this vulnerability is the function dogenera
6.3
MEDIUM
CVE-2025-5387
<= 2025-05-04
A vulnerability classified as critical has been found in JeeWMS up to 20250504. Affected is the function dogenerate of the file /g
6.3
MEDIUM
CVE-2025-5386
<= 2025-05-04
A vulnerability was found in JeeWMS up to 20250504. It has been rated as critical. This issue affects the function transEditor of
6.3
MEDIUM
CVE-2025-5385
<= 2025-05-04
A vulnerability was found in JeeWMS up to 20250504. It has been declared as critical. This vulnerability affects the function doAd
6.3
MEDIUM
CVE-2025-5384
<= 2025-05-04
A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListContro
6.3
MEDIUM
CVE-2025-29213
all versions
A zip slip vulnerability in the component \service\migrate\MigrateForm.java of JEEWMS v3.7 allows attackers to execute arbitrary c
5.5
MEDIUM
CVE-2024-57761
< 2025-01-01
An arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01 allows attackers to execute arbitrar
8.1
HIGH
CVE-2024-57760
< 2025.01.01
JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.
6.5
MEDIUM
CVE-2024-57757
< 2025.01.01
JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava.
7.5
HIGH
CVE-2025-0392
< 2025-01-01
A vulnerability, which was classified as critical, was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. Affe
6.3
MEDIUM
CVE-2025-0391
< 2025-01-01
A vulnerability, which was classified as critical, has been found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229.
6.3
MEDIUM
CVE-2025-0390
< 2025-01-01
A vulnerability classified as critical was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This vulnerabili
5.3
MEDIUM
CVE-2024-12347
all versions
A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms up to 1.0.0 and classified as critical. This issue affe
5.3
MEDIUM
CVE-2024-11961
all versions
A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affec
5.3
MEDIUM
CVE-2024-11251
<= 2024-11-08
A vulnerability was found in erzhongxmu Jeewms up to 20241108. It has been rated as critical. This issue affects some unknown proc
6.3
MEDIUM
CVE-2024-27765
<= 3.7
Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain sensitive information via the cgfo
7.5
HIGH
CVE-2024-27764
<= 3.7
An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component.
9.8
CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin