Browse all 4 CVE security advisories affecting WeiYe-Jing. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WeiYe-Jing is a Chinese software vendor providing enterprise resource planning and supply chain management solutions. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure authentication mechanisms. The vendor has addressed multiple critical flaws in their web applications, with four CVEs currently documented. Security researchers have identified recurring issues in their default configurations and insufficient access controls, though no major public security incidents have been widely reported. Their codebase typically requires regular patching to mitigate newly discovered vulnerabilities in their business process automation tools.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13251 | WeiYe-Jing datax-web sql injection — datax-webCWE-89 | 6.3 | Medium | 2025-11-16 |
| CVE-2025-13250 | WeiYe-Jing datax-web Job triggerJob access control — datax-webCWE-284 | 6.3 | Medium | 2025-11-16 |
| CVE-2024-12358 | WeiYe-Jing datax-web add os command injection — datax-webCWE-78 | 6.3 | Medium | 2024-12-09 |
| CVE-2023-7116 | WeiYe-Jing datax-web HTTP POST Request killJob os command injection — datax-webCWE-78 | 6.3 | Medium | 2023-12-27 |
This page lists every published CVE security advisory associated with WeiYe-Jing. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.