Browse all 4 CVE security advisories affecting erzhongxmu. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Erzhongxmu operates primarily in industrial control systems and manufacturing automation, with core use cases involving programmable logic controllers and SCADA systems. Historically, this entity has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues in their products. Their security posture has been marked by insufficient input validation and inadequate access controls. The four CVEs attributed to them highlight consistent patterns of insecure design, particularly in web interfaces and communication protocols. No major public security incidents have been documented, though the recurring nature of their vulnerabilities suggests systemic security challenges in their development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-3028 | erzhongxmu JEEWMS JeecgListDemoController.java doAdd cross site scripting — JEEWMSCWE-79 | 4.3 | Medium | 2026-02-23 |
| CVE-2026-3027 | erzhongxmu JEEWMS UEditor getContent.jsp cross site scripting — JEEWMSCWE-79 | 4.3 | Medium | 2026-02-23 |
| CVE-2026-3026 | erzhongxmu JEEWMS UEditor getRemoteImage.jsp server-side request forgery — JEEWMSCWE-918 | 7.3 | High | 2026-02-23 |
| CVE-2024-11251 | erzhongxmu Jeewms AuthInterceptor cgReportController.do sql injection — JeewmsCWE-89 | 6.3 | Medium | 2024-11-15 |
This page lists every published CVE security advisory associated with erzhongxmu. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.