anonhaven
Ad

CVE-2024-57760

MEDIUM CVSS 3.1: 6.5 EPSS 0.18%
Updated Apr 21, 2025
Jeewms
Parameter Value
CVSS 6.5 (MEDIUM)
Affected Versions before 2025.01.01
Fixed In 2025.01.01
Type CWE-89 (SQL Injection)
Vendor Jeewms
Public PoC No

JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.java.

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
None
No data modification
Availability
None
No disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-89 SQL Injection

Vulnerable Products 1

Configuration From (including) Up to (excluding)
Jeewms Jeewms
cpe:2.3:a:jeewms:jeewms:*:*:*:*:*:*:*:*
 2025.01.01

References 1

https://gitee.com/erzhongxmu/JEEWMS/issues/IBFTVK
cve@mitre.org
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-3027

Jeewms

5.3

CVE-2026-3026

Jeewms

6.9

CVE-2024-57757

Jeewms

7.5