Aggregates CVE and security vulnerability intelligence across all jerryhanjj-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk sql injection; exposure may include vendor impact data exposure in vendor surface software deployment and vendor surface production workloads contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-29390 | jerryhanjj ERP 1.0 is vulnerable to SQL Injection in the set_password function in application/controllers/home.php. | [email protected] | 8.8 | 0.37% | 2025-04-09 | 2025-04-22 |
| CVE-2024-42565 | ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/contact/delete?action=delete. | [email protected] | 9.8 | 0.60% | 2024-08-20 | 2025-06-17 |
| CVE-2024-42564 | ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/inventory/delete?action=delete. | [email protected] | 7.6 | 0.44% | 2024-08-20 | 2025-06-17 |
| CVE-2024-42563 | An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary code via uploading a crafted HTML file. | [email protected] | 9.8 | 0.83% | 2024-08-20 | 2025-06-05 |