Filtered by vendor Feminer Wms Project
Subscriptions
Filtered by product Feminer Wms
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-25997 | 1 Feminer Wms Project | 1 Feminer Wms | 2025-05-13 | 7.5 High |
| Directory Traversal vulnerability in FeMiner wms v.1.0 allows a remote attacker to obtain sensitive information via the databak.php component. | ||||
| CVE-2025-25992 | 1 Feminer Wms Project | 1 Feminer Wms | 2025-05-02 | 5.1 Medium |
| SQL Injection vulnerability in FeMiner wms 1.0 allows a remote attacker to obtain sensitive information via the inquire_inout_item.php component. | ||||
| CVE-2025-25993 | 1 Feminer Wms Project | 1 Feminer Wms | 2025-05-02 | 5.1 Medium |
| SQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive information via the parameter "itemid." | ||||
| CVE-2025-25994 | 1 Feminer Wms Project | 1 Feminer Wms | 2025-05-02 | 7.5 High |
| SQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive information via the parameters date1, date2, id. | ||||
| CVE-2021-42897 | 1 Feminer Wms Project | 1 Feminer Wms | 2024-11-21 | 9.8 Critical |
| A remote command execution (RCE) vulnerability was found in FeMiner wms V1.0 in /wms/src/system/datarec.php. The $_POST[r_name] is directly passed into the $mysqlstr and is executed by exec. | ||||
Page 1 of 1.