CVE-2025-0392 | Guangzhou Huayi Intelligent Technology Jeewms up to 20241229 graphReportController.do datagridGraph store_code sql injection (IBFK93)

CVE-2025-0392 | Guangzhou Huayi Intelligent Technology Jeewms up to 20241229 graphReportController.do datagridGraph store_code sql injection (IBFK93)

A vulnerability, which was classified as critical, was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. Affected is the function datagridGraph of the file /graphReportController.do. The manipulation of the argument store_code leads to sql injection. This vulnerability is traded as CVE-2025-0392. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.