| tiêu đề | Guangzhou Huayi Intelligent Technology Co., Ltd. JEEWMS 3.7 Information Leakage |
|---|
| Mô tả | Guangzhou Huayi Intelligent Technology Co., Ltd.'s main business scope includes technology promotion and application services, software development, digital content services, information technology consulting, animation and comics design, data processing and storage, information system integration, and wholesale and retail of computer and communication equipment. Its intelligent warehouse management system JEEWMS has an information leakage vulnerability in the wmOmNoticeHController.do path. Attackers can download relevant shipping information by accessing wmOmNoticeHController.do?exportXls, which leaks important information such as the shipper's address, name, and contact information. |
|---|
| Nguồn | ⚠️ https://github.com/dycccccccc/JEEWMS/blob/main/JEEWMS%20Shipper%20Information%20Leakage.docx |
|---|
| Người dùng | dycc (UID 77775) |
|---|
| Đệ trình | 16/11/2024 08:10 (cách đây 2 những năm) |
|---|
| Kiểm duyệt | 28/11/2024 10:04 (12 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 286343 [Guangzhou Huayi Intelligent Technology Jeewms 3.7 WmOmNoticeHController.java preHandle yêu cầu tiết lộ thông tin] |
|---|
| điểm | 20 |
|---|