Smewebify Weberpmesv2 vulnerabilities
2 known vulnerabilities affecting smewebify/weberpmesv2.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2026-22788P2HIGHCVSS 8.2fixed in 1.192026-01-12
CVE-2026-22788 [HIGH] CWE-306 CVE-2026-22788: WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1
WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1.19, the WebErpMesV2 application exposes multiple sensitive API endpoints without authentication middleware. An unauthenticated remote attacker can read business-critical data including companies, quotes, orders, tasks, and whiteboards. Limited write ac
nvd
CVE-2025-52130P3MEDIUMCVSS 5.4fixed in 1.192025-08-25
CVE-2025-52130 [MEDIUM] CWE-616 CVE-2025-52130: File upload vulnerability in WebErpMesv2 1.17 in the app/Http/Controllers/FactoryController.php cont
File upload vulnerability in WebErpMesv2 1.17 in the app/Http/Controllers/FactoryController.php controller. This flaw allows an authenticated attacker to upload arbitrary files, including PHP scripts, which can be accessed via direct GET requests, potentially resulting in remote code execution (RCE) on the web server.
nvd