Jsherp
Monthly
A vulnerability was found in jishenghua jshERP up to 3.6. The impacted element is the function install of the file /jshERP-boot/plugin/installByPath of the component com.gitee.starblues.integration.operator.DefaultPluginOperator. [CVSS 2.7 LOW]
jshERP versions up to 3.6 contain a path traversal vulnerability in the PluginController's file upload functionality that allows authenticated attackers to read arbitrary files on the server. Public exploit code exists for this vulnerability, and the vendor has not yet released a patch despite being notified of the issue.
SQL injection in jshERP up to version 3.6 allows authenticated remote attackers to manipulate the barCodes parameter in the DepotItem import function, potentially enabling unauthorized data access or modification. Public exploit code exists for this vulnerability, and no patch is currently available. The vendor has not responded to early notification of this issue.
An issue was discovered in jishenghua JSH_ERP 2.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in jishenghua JSH_ERP 2.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in jishenghua JSH_ERP 2.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in jishenghua JSH_ERP 2.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in jishenghua JSH_ERP 2.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Incorrect access control in the component /controller/PersonController.java of jshERP v3.5 allows unauthorized attackers to obtain all the information of the handler by executing the getAllList. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5 allows unauthorized attackers to obtain all the corresponding ID data by modifying the ID value. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Incorrect access control in the component \controller\SupplierController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Incorrect access control in the component \controller\UserController.java of jshERP v3.5 allows attackers to arbitrarily reset user account passwords and execute a horizontal privilege escalation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Weak password recovery in jshERP up to version 3.5 allows authenticated remote attackers to compromise user accounts via the /jshERP-boot/user/updatePwd endpoint. The vulnerability enables password reset functionality without adequate protection mechanisms, classified as problematic with CVSS 2.1 and EPSS 0.06%. Publicly available exploit code exists but active exploitation remains unconfirmed.
Improper authorization in jshERP up to version 3.5 allows authenticated remote attackers to modify or delete user accounts via manipulation of the ID parameter in the /user/delete endpoint, potentially resulting in unauthorized account manipulation and information disclosure. Publicly available exploit code exists for this vulnerability.
A vulnerability was found in jishenghua jshERP up to 3.6. The impacted element is the function install of the file /jshERP-boot/plugin/installByPath of the component com.gitee.starblues.integration.operator.DefaultPluginOperator. [CVSS 2.7 LOW]
jshERP versions up to 3.6 contain a path traversal vulnerability in the PluginController's file upload functionality that allows authenticated attackers to read arbitrary files on the server. Public exploit code exists for this vulnerability, and the vendor has not yet released a patch despite being notified of the issue.
SQL injection in jshERP up to version 3.6 allows authenticated remote attackers to manipulate the barCodes parameter in the DepotItem import function, potentially enabling unauthorized data access or modification. Public exploit code exists for this vulnerability, and no patch is currently available. The vendor has not responded to early notification of this issue.
An issue was discovered in jishenghua JSH_ERP 2.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in jishenghua JSH_ERP 2.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in jishenghua JSH_ERP 2.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in jishenghua JSH_ERP 2.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in jishenghua JSH_ERP 2.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Incorrect access control in the component /controller/PersonController.java of jshERP v3.5 allows unauthorized attackers to obtain all the information of the handler by executing the getAllList. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5 allows unauthorized attackers to obtain all the corresponding ID data by modifying the ID value. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Incorrect access control in the component \controller\SupplierController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Incorrect access control in the component \controller\UserController.java of jshERP v3.5 allows attackers to arbitrarily reset user account passwords and execute a horizontal privilege escalation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Weak password recovery in jshERP up to version 3.5 allows authenticated remote attackers to compromise user accounts via the /jshERP-boot/user/updatePwd endpoint. The vulnerability enables password reset functionality without adequate protection mechanisms, classified as problematic with CVSS 2.1 and EPSS 0.06%. Publicly available exploit code exists but active exploitation remains unconfirmed.
Improper authorization in jshERP up to version 3.5 allows authenticated remote attackers to modify or delete user accounts via manipulation of the ID parameter in the /user/delete endpoint, potentially resulting in unauthorized account manipulation and information disclosure. Publicly available exploit code exists for this vulnerability.