CVE-2026-37430

Published May 13th, 2026

View on NVD ↗

CVSS v3

7.3

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file.

Y4y17/CVE

GitHub