Browse all 4 CVE security advisories affecting Code4Berry. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Code4Berry develops embedded systems software for IoT devices, with a core focus on firmware development for berry-processing agricultural equipment. Historically, the organization has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues in its web interfaces. Security assessments reveal insufficient input validation and authentication mechanisms in several product lines. While no major public security incidents have been documented, the four CVEs assigned to Code4Berry highlight recurring weaknesses in secure coding practices, particularly in network-facing components and administrative interfaces, suggesting a need for enhanced security-by-design principles in their development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-11487 | Code4Berry Decoration Management System Between Dates Reports btndates_report.php sql injection — Decoration Management SystemCWE-89 | 6.3 | Medium | 2024-11-20 |
| CVE-2024-11486 | Code4Berry Decoration Management System User Permission user_permission.php — Decoration Management SystemCWE-275 | 4.3 | Medium | 2024-11-20 |
| CVE-2024-11485 | Code4Berry Decoration Management System User userregister.php permission — Decoration Management SystemCWE-275 | 6.3 | Medium | 2024-11-20 |
| CVE-2024-11484 | Code4Berry Decoration Management System User Image update_image.php access control — Decoration Management SystemCWE-284 | 6.3 | Medium | 2024-11-20 |
This page lists every published CVE security advisory associated with Code4Berry. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.