Huayi-tec Jeewms
19 CVEs affecting Huayi-tec Jeewms. Latest disclosed: 2026-02-23. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-60269 | Critical | 9.4 | 2025-10-10 | JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExport… |
CVE-2024-57761 | High | 8.1 | 2025-01-15 | An arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01 allows attackers to execute arbitrary code via uploading a crafte… |
CVE-2025-70311 | Medium | 6.5 | 2026-02-03 | JEEWMS 1.0 is vulnerable to SQL Injection. Attackers can inject malicious SQL statements through the id1 and id2 parameters in the /systemControl.do interface… |
CVE-2025-60268 | Medium | 6.5 | 2025-10-10 | An arbitrary file upload vulnerability exists in JeeWMS 20250820, which is caused by the lack of file checking in the saveFiles function in /jeewms/cgUploadCon… |
CVE-2025-5390 | Medium | 6.3 | 2025-05-31 | A vulnerability, which was classified as critical, was found in JeeWMS up to 20250504. This affects the function filedeal of the file /systemController/filedea… |
CVE-2025-5389 | Medium | 6.3 | 2025-05-31 | A vulnerability, which was classified as critical, has been found in JeeWMS up to 20250504. Affected by this issue is the function dogenerateOne2Many of the fi… |
CVE-2025-5388 | Medium | 6.3 | 2025-05-31 | A vulnerability classified as critical was found in JeeWMS up to 20250504. Affected by this vulnerability is the function dogenerate of the file /generateContr… |
CVE-2025-5387 | Medium | 6.3 | 2025-05-31 | A vulnerability classified as critical has been found in JeeWMS up to 20250504. Affected is the function dogenerate of the file /generateController.do?dogenera… |
CVE-2025-5386 | Medium | 6.3 | 2025-05-31 | A vulnerability was found in JeeWMS up to 20250504. It has been rated as critical. This issue affects the function transEditor of the file /cgformTransControll… |
CVE-2025-5385 | Medium | 6.3 | 2025-05-31 | A vulnerability was found in JeeWMS up to 20250504. It has been declared as critical. This vulnerability affects the function doAdd of the file /cgformTemplate… |
CVE-2025-5384 | Medium | 6.3 | 2025-05-31 | A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListC… |
CVE-2025-0392 | Medium | 6.3 | 2025-01-11 | A vulnerability, which was classified as critical, was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. Affected is the function datagrid… |
CVE-2025-0391 | Medium | 6.3 | 2025-01-11 | A vulnerability, which was classified as critical, has been found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This issue affects the funct… |
CVE-2024-11251 | Medium | 6.3 | 2024-11-15 | A vulnerability was found in erzhongxmu Jeewms up to 20241108. It has been rated as critical. This issue affects some unknown processing of the file cgReportCo… |
CVE-2025-55834 | Medium | 6.1 | 2025-09-16 | A Cross Site Scripting vulnerability in JeeWMS v.3.7 and before allows a remote attacker to obtain sensitive information via the logController.do component |
CVE-2025-0390 | Medium | 5.3 | 2025-01-11 | A vulnerability classified as critical was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This vulnerability affects unknown code of th… |
CVE-2024-12347 | Medium | 5.3 | 2024-12-09 | A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms up to 1.0.0 and classified as critical. This issue affects some unknown processing o… |
CVE-2024-11961 | Medium | 5.3 | 2024-11-28 | A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affects the function preHandle of… |
CVE-2026-3028 | Medium | 4.3 | 2026-02-23 | A vulnerability was determined in erzhongxmu JEEWMS up to 3.7. This vulnerability affects the function doAdd of the file src/main/java/com/jeecg/demo/controlle… |