Vulnerability Database

300,213

Total vulnerabilities in the database

CVE-2025-8840

A vulnerability was determined in jshERP up to 3.5. Affected is an unknown function of the file /jshERP-boot/user/deleteBatch of the component Endpoint. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Different than CVE-2025-7947.

Published: Aug 11, 2025
Updated: Aug 12, 2025
CVE: CVE-2025-8840
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

No affected software listed.

https://github.com/jishenghua/jshERP/issues/126
https://vuldb.com/?ctiid.319374
https://vuldb.com/?id.319374
https://vuldb.com/?submit.622573
https://vuldb.com/?submit.622621

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo