A vulnerability, which was classified as critical, has been found in JeeWMS up to 20250504. Affected by this issue is the function dogenerateOne2Many of the file /generateController.do?dogenerateOne2Many of the component File Handler. The manipulation leads to improper access controls. The attack may be launched remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
                
            References
                    | Link | Resource | 
|---|---|
| https://gitee.com/erzhongxmu/JEEWMS/issues/IC5FNV | Issue Tracking | 
| https://vuldb.com/?ctiid.310682 | Permissions Required VDB Entry | 
| https://vuldb.com/?id.310682 | Third Party Advisory VDB Entry | 
Configurations
                    History
                    11 Sep 2025, 20:43
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time | Huayi-tec Huayi-tec jeewms | |
| CPE | cpe:2.3:a:huayi-tec:jeewms:*:*:*:*:*:*:*:* | |
| CWE | NVD-CWE-noinfo | |
| Summary | 
 | |
| References | () https://gitee.com/erzhongxmu/JEEWMS/issues/IC5FNV - Issue Tracking | |
| References | () https://vuldb.com/?ctiid.310682 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.310682 - Third Party Advisory, VDB Entry | 
31 May 2025, 19:15
| Type | Values Removed | Values Added | 
|---|---|---|
| New CVE | 
Information
                Published : 2025-05-31 19:15
Updated : 2025-09-11 20:43
NVD link : CVE-2025-5389
Mitre link : CVE-2025-5389
CVE.ORG link : CVE-2025-5389
JSON object : View
Products Affected
                huayi-tec
- jeewms
CWE
                