5I1Encee

**Name of the Vulnerable Software and Affected Versions** yeqifu warehouse (affected versions not specified) **Description** A weakness exists that leads to improper authorization. The issue affects the `saveUserRole` function within the file `warehousesrcmainjavacomyeqifusyscontrollerUserController.java` of the Request Handler component. The attack can be carried out remotely. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** yeqifu warehouse (affected versions not specified) **Description** A security flaw exists in yeqifu warehouse due to path traversal. The issue is related to the manipulation of the `path` argument within the `createResponseEntity()` function located in the file warehousesrcmainjavacomyeqifusyscommonAppFileUtils.java. This issue may be exploited remotely. The exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.