📦 Jeesite

Jeesite versions before commit 10742d3 contain a SQL injection vulnerability in the ActDao.xml component via the ${businessTable} parameter. This allows attackers to execute arbitrary SQL commands on ...

CVE-2020-19229 is a critical vulnerability in Jeesite 1.2.7 that uses a vulnerable version of Apache Shiro (1.2.3). This allows attackers to exploit a Java deserialization flaw via the rememberMe para...

This critical vulnerability in JeeSite allows attackers to upload arbitrary files without proper restrictions, potentially leading to remote code execution. It affects all JeeSite installations up to ...

This CVE describes an open redirect vulnerability in JeeSite's SSO controller that allows attackers to redirect users to malicious websites. The vulnerability affects JeeSite versions up to 5.12.0 and...

This CVE-2025-7759 is a Server-Side Request Forgery (SSRF) vulnerability in thinkgem JeeSite's UEditor image grabber component. Attackers can manipulate the 'Source' parameter to make the server send ...