2 matches found
CVE-2025-34039 Yonyou NC BeanShell Command Injection
A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet bsh.servlet.BshServlet without proper access controls. The servlet allows unauthenticated remote attackers to execute arbitrary Java code via the bsh.script parameter. This...
Yonyou UFIDA NC 安全漏洞
Yonyou UFIDA NC is a high-end management software from China's UFIDA Yonyou Corporation. A security vulnerability exists in Yonyou UFIDA NC v6.5 and prior versions, which originates from a code injection attack due to exposure of a BeanShell test servlet...