Huayi-tec Jeewms

19 CVEs affecting Huayi-tec Jeewms. Latest disclosed: 2026-02-23. Critical: 1, High: 1.

Top CVEs affecting Huayi-tec Jeewms
CVESeverityScorePublishedSummary
CVE-2025-60269Critical9.42025-10-10JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExport…
CVE-2024-57761High8.12025-01-15An arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01 allows attackers to execute arbitrary code via uploading a crafte…
CVE-2025-70311Medium6.52026-02-03JEEWMS 1.0 is vulnerable to SQL Injection. Attackers can inject malicious SQL statements through the id1 and id2 parameters in the /systemControl.do interface…
CVE-2025-60268Medium6.52025-10-10An arbitrary file upload vulnerability exists in JeeWMS 20250820, which is caused by the lack of file checking in the saveFiles function in /jeewms/cgUploadCon…
CVE-2025-5390Medium6.32025-05-31A vulnerability, which was classified as critical, was found in JeeWMS up to 20250504. This affects the function filedeal of the file /systemController/filedea…
CVE-2025-5389Medium6.32025-05-31A vulnerability, which was classified as critical, has been found in JeeWMS up to 20250504. Affected by this issue is the function dogenerateOne2Many of the fi…
CVE-2025-5388Medium6.32025-05-31A vulnerability classified as critical was found in JeeWMS up to 20250504. Affected by this vulnerability is the function dogenerate of the file /generateContr…
CVE-2025-5387Medium6.32025-05-31A vulnerability classified as critical has been found in JeeWMS up to 20250504. Affected is the function dogenerate of the file /generateController.do?dogenera…
CVE-2025-5386Medium6.32025-05-31A vulnerability was found in JeeWMS up to 20250504. It has been rated as critical. This issue affects the function transEditor of the file /cgformTransControll…
CVE-2025-5385Medium6.32025-05-31A vulnerability was found in JeeWMS up to 20250504. It has been declared as critical. This vulnerability affects the function doAdd of the file /cgformTemplate…
CVE-2025-5384Medium6.32025-05-31A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListC…
CVE-2025-0392Medium6.32025-01-11A vulnerability, which was classified as critical, was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. Affected is the function datagrid…
CVE-2025-0391Medium6.32025-01-11A vulnerability, which was classified as critical, has been found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This issue affects the funct…
CVE-2024-11251Medium6.32024-11-15A vulnerability was found in erzhongxmu Jeewms up to 20241108. It has been rated as critical. This issue affects some unknown processing of the file cgReportCo…
CVE-2025-55834Medium6.12025-09-16A Cross Site Scripting vulnerability in JeeWMS v.3.7 and before allows a remote attacker to obtain sensitive information via the logController.do component
CVE-2025-0390Medium5.32025-01-11A vulnerability classified as critical was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This vulnerability affects unknown code of th…
CVE-2024-12347Medium5.32024-12-09A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms up to 1.0.0 and classified as critical. This issue affects some unknown processing o…
CVE-2024-11961Medium5.32024-11-28A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affects the function preHandle of…
CVE-2026-3028Medium4.32026-02-23A vulnerability was determined in erzhongxmu JEEWMS up to 3.7. This vulnerability affects the function doAdd of the file src/main/java/com/jeecg/demo/controlle…