CVE-2025-14185 Yonyou U8 Cloud AppServletService.class sql injection

A vulnerability was identified in Yonyou U8 Cloud 5.0/5.0sp/5.1/5.1sp. The affected element is an unknown function of the file nc/pubitf/erm/mobile/appservice/AppServletService.class. Such manipulation of the argument usercode leads to sql injection. The attack may be launched remotely. The explo...

Yonyou U8 Cloud SQL注入漏洞

Yonyou U8 Cloud is a cloud-based enterprise management system from China's UFIDA Yonyou Corporation. A SQL injection vulnerability exists in Yonyou U8 Cloud version 5.0, 5.0sp, 5.1, and 5.1sp, which originates from incorrect manipulation of the parameter usercode in the file...