Browse all 4 CVE security advisories affecting Weitong. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Weitong is a Chinese software provider specializing in enterprise resource planning (ERP) and supply chain management solutions. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and insecure authentication mechanisms. While no major public security incidents have been widely documented, the four CVEs associated with Weitong highlight recurring issues in their web application components and integration APIs. Their security posture appears typical for mid-market ERP vendors, with vulnerabilities primarily affecting authenticated users but occasionally allowing unauthenticated access in misconfigured deployments.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-4136 | Weitong Mall Sale Endpoint improper authorization | Mall | CWE-285 | 5.4 | Medium | 2025-04-30 |
| CVE-2025-4119 | Weitong Mall Product Statistics queryTotal access control | Mall | CWE-284 | 5.3 | Medium | 2025-04-30 |
| CVE-2025-4118 | Weitong Mall Product History historyList access control | Mall | CWE-284 | 5.3 | Medium | 2025-04-30 |
| CVE-2022-4961 | Weitong Mall OrderDao.xml SQL injection | Mall | CWE-89 | 5.5 | Medium | 2024-01-12 |

This page lists every published CVE security advisory associated with Weitong. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.