Huaxiaerp Jsherp
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Huaxiaerp Jsherp.
By the Year
In 2026 there have been 0 vulnerabilities in Huaxiaerp Jsherp. Jsherp did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 9.80 |
| 2023 | 1 | 6.50 |
It may take a day or so for new Jsherp vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Huaxiaerp Jsherp Security Vulnerabilities
Arbitrary File Upload in jshERP v3.3 via Upload Path Manipulation
CVE-2024-24000
9.8 - Critical
- February 06, 2024
jshERP v3.3 is vulnerable to Arbitrary File Upload. The jshERP-boot/systemConfig/upload interface does not check the uploaded file type, and the biz parameter can be spliced into the upload path, resulting in arbitrary file uploads with controllable paths.
Unrestricted File Upload
jshERP V3.3 DoFilter Access Control Bypass Allows Sensitive Data Leak
CVE-2023-48894
6.5 - Medium
- November 30, 2023
Incorrect Access Control vulnerability in jshERP V3.3 allows attackers to obtain sensitive information via the doFilter function.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Huaxiaerp Jsherp or by Huaxiaerp? Click the Watch button to subscribe.
