Approved changes feed: RSS · Atom
cpe:2.3:a:digiwin:erp:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Digiwin (18dbde5d-3a25-581d-bda3-d32fc7ff848a) |
|---|---|
| Product | Erp (5a74e7c1-b612-5165-93b7-c45e36c5192d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-2706 |
vulnerable | 2026-06-08 07:16:58.107886 |
Digiwin ERP UploadAjaxAPI.ashx unrestricted upload
MEDIUM (6.3)
A vulnerability classified as critical was found in Digiwin ERP 5.0.1. Affected by this vulnerability is an unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-03-24T18:31:03.890Z
Updated: 2025-03-24T19:31:04.860Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2705 |
vulnerable | 2026-06-08 07:16:58.107479 |
Digiwin ERP FileUploadApi.ashx DoWebUpload unrestricted upload
HIGH (7.3)
A vulnerability classified as critical has been found in Digiwin ERP 5.1. Affected is the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-03-24T16:00:07.614Z
Updated: 2025-03-24T18:02:49.037Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.