CVE Details
Basic Information
| Title |
JeeWMS cgformTemplateController.do doAdd path traversal |
| Type |
cve |
| Published |
2025-05-31T16:31:06.803Z |
| Last Seen |
|
Product Information
| Vendor |
n/a |
| Product |
JeeWMS |
| Version |
20250504 |
CVSS Information
| Base Score |
5.3 (MEDIUM) |
| Attack Vector |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| Confidentiality Impact |
|
| Integrity Impact |
|
| Availability Impact |
|
AI Analysis
| AI Description |
A critical vulnerability in JeeWMS allows remote attackers to perform path traversal attacks via the doAdd function in /cgformTemplateController.do, potentially leading to unauthorized access or data manipulation. The product uses continuous delivery with rolling releases, so no specific version details are available. |
| AI Severity |
Critical |
| Vendor |
JeeWMS |
| Product |
JeeWMS |
| Affected Version |
Up to 20250504 |
Additional Information
| CVE List |
|
| CWE List |
CWE-22 |
| Bulletin Family |
|
| Source Data |
n/a JeeWMS 20250504 |
Source Information
| Source Data |
n/a JeeWMS 20250504 |
| Source Link |
|
Description
A vulnerability was found in JeeWMS up to 20250504. It has been declared as critical. This vulnerability affects the function doAdd of the file /cgformTemplateController.do?doAdd. The manipulation leads to path traversal. The attack can be initiated remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
CVSS Score Summary
View Full CVE Details
