CVE-2025-4333 | feng_ha_ha/megagao ssm-erp/production_ssm up to 0.0.1 FileServiceImpl.java uploadFile unrestricted upload

A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm up to 0.0.1. It has been classified as critical. This affects the function uploadFile of the file src/main/java/com/megagao/production/ssm/service/impl/FileServiceImpl.java. The manipulation of the argument uploadFile leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2025-4333. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

This product is distributed under two entirely different names.

CVE-2025-4333 | feng_ha_ha/megagao ssm-erp/production_ssm up to 0.0.1 FileServiceImpl.java uploadFile unrestricted upload

Post correlati

CVE-2024-56572 | Linux Kernel up to 6.12.3 allocate_buffers_internal memory leak

CVE-2024-37677 | Shenzhen Weitillage Industrial Access Management Specialist 6.62.51215 information disclosure

CVE-2024-1475 | Coming Soon Maintenance Mode Plugin up to 1.0.5 on WordPress information disclosure

CVE-2023-49351 | Edimax BR6478AC V2 1.23 /bin/webs strcpy stack-based overflow