Keecth

**Name of the Vulnerable Software and Affected Versions** jeecgboot JimuReport versions up to 1.6.0 **Description** A critical issue was found in the Template Handler component, allowing for remote injection attacks. The exploit has been disclosed publicly. **Recommendations** For jeecgboot JimuReport versions up to 1.6.0, upgrade to version 1.6.1 to address this issue.

**Name of the Vulnerable Software and Affected Versions** UJCMS versions up to 6.0.2 **Description** A vulnerability has been found in the ZIP Package Handler component of UJCMS, which can lead to information disclosure through the manipulation of the `dir` argument. The attack can be initiated remotely, with a rather high complexity and difficult exploitation. The exploit has been disclosed to the public and may be used. **Recommendations** For UJCMS versions up to 6.0.2, upgrade to version 7.0.0 to address this issue. It is recommended to upgrade the affected component.