CVE-2025-0390 | Guangzhou Huayi Intelligent Technology Jeewms up to 20241229 wmOmNoticeHController.do path traversal (IBFKBM)

Posted by Angelo Barbosa | Jan 10, 2025 | CVE

A vulnerability classified as critical was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This vulnerability affects unknown code of the file /wmOmNoticeHController.do. The manipulation leads to path traversal: ‘../filedir’.

This vulnerability was named CVE-2025-0390. The attack can be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2025-0390 | Guangzhou Huayi Intelligent Technology Jeewms up to 20241229 wmOmNoticeHController.do path traversal (IBFKBM)

Related Posts

CVE-2023-6027 | PHPMemcachedAdmin 1.3.0 /pmcadmin/configure.php cross site scripting

CVE-2024-5371 | Kashipara College Management System 1.0 submit_enroll_student.php class_name cross site scripting

CVE-2024-2680 | Campcodes Online Job Finder System 1.0 /admin/user/index.php view cross site scripting

CVE-2023-49341 | Newland Nquire 1000 Interactive Kiosk NQ1000-II_G_V1.00.011 Cleartext Credential Storage backup.htm information disclosure