CVE-2024-53499

Critical CVSS: 9.8

Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API.

Vendor

Product

CWE

Yayın Tarihi

2025-08-22 18:15:34

Güncelleme

2025-09-09 19:12:21

Source Identifier

cve@mitre.org

KEV Date Added

CWE-89 Jeewms CRITICAL Jeewms 2025

http://www.huayi-tec.com/ https://gitee.com/erzhongxmu/JEEWMS/issues/IB2XZG https://gitee.com/fushuling/cve/blob/master/CVE-2024-53499.md https://gitee.com/erzhongxmu/JEEWMS/issues/IB2XZG https://gitee.com/fushuling/cve/blob/master/CVE-2024-53499.md

Medium

CVE-2026-3026

A vulnerability has been found in erzhongxmu JEEWMS 3.7. Affected by this issue is some unknown functionality of the fil…

Medium

CVE-2026-3027

A vulnerability was found in erzhongxmu JEEWMS up to 3.7. This affects an unknown part of the file src/main/webapp/plug-…

Critical

CVE-2025-50901

JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 (2025-05-19) contains incorrect authentication bypass vulnerability, whi…

Medium

CVE-2025-29213

A zip slip vulnerability in the component \service\migrate\MigrateForm.java of JEEWMS v3.7 allows attackers to execute a…

High

CVE-2024-57757

JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.c…

Medium

CVE-2024-57760

JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CG…