CVE-2025-0391 | Guangzhou Huayi Intelligent Technology Jeewms up to 20241229 CgFormBuildController. java saveOrUpdate sql injection (IBFKA8)

Posted by Angelo Barbosa | Jan 10, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This issue affects the function saveOrUpdate of the file org/jeecgframework/web/cgform/controller/build/CgFormBuildController. java. The manipulation leads to sql injection.

The identification of this vulnerability is CVE-2025-0391. The attack may be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2025-0391 | Guangzhou Huayi Intelligent Technology Jeewms up to 20241229 CgFormBuildController. java saveOrUpdate sql injection (IBFKA8)

Related Posts

CVE-2024-9792 | D-Link DSL-2750U R5B017 Port Forwarding Page PortMappingDescription cross site scripting

CVE-2023-6844 | iframe Plugin up to 5.0 on WordPress Shortcode cross site scripting

CVE-2024-4260 | Page Builder Gutenberg Blocks Plugin up to 3.1.11 on WordPress Shortcode server-side request forgery

CVE-2024-13203 | kurniaramadhan E-Commerce-PHP 1.0 cross-site request forgery