Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2026/05/28 2:15 p.m.11 views

CVE-2026-9544

A vulnerability was found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 10. Affected by this vulnerability is an unknown functionality of the file /api/Dinner/PayConfig. Performing a manipulation of the argument tableno results in sql injection. The attack is possible...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 12:45 p.m.8 views

CVE-2026-9544 Shenzhen Sixun Software Sixun Shanghui Group Business Management System PayConfig sql injection

A vulnerability was found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 10. Affected by this vulnerability is an unknown functionality of the file /api/Dinner/PayConfig. Performing a manipulation of the argument tableno results in sql injection. The attack is possible...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/16 3:13 a.m.6 views

CVE-2025-14697

A security flaw has been discovered in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3. Affected by this issue is some unknown functionality of the file /ExportFiles/. The manipulation results in files or directories accessible. The attack may be launched remotel...

6.3CVSS6.3AI score0.00274EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/15 2:2 a.m.3 views

CVE-2025-14697 Shenzhen Sixun Software Sixun Shanghui Group Business Management System ExportFiles file access

A security flaw has been discovered in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3. Affected by this issue is some unknown functionality of the file /ExportFiles/. The manipulation results in files or directories accessible. The attack may be launched remotel...

6.3CVSS6.1AI score0.00274EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/15 2:2 a.m.28 views

CVE-2025-14697 Shenzhen Sixun Software Sixun Shanghui Group Business Management System ExportFiles file access

A security flaw has been discovered in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3. Affected by this issue is some unknown functionality of the file /ExportFiles/. The manipulation results in files or directories accessible. The attack may be launched remotel...

6.3CVSS0.00274EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/15 2:2 a.m.3 views

EUVD-2025-203321

A security flaw has been discovered in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3. Affected by this issue is some unknown functionality of the file /ExportFiles/. The manipulation results in files or directories accessible. The attack may be launched remotel...

6.3CVSS5.9AI score0.00274EPSS
Exploits0References6
CVE
CVE
added 2025/12/15 2:2 a.m.9 views

CVE-2025-14697

CVE-2025-14697 affects Shenzhen Sixun Software Sixun Shanghui Group Business Management System (v4.10.24.3). The vulnerability targets an accessible component under the file path /ExportFiles/ where manipulation can cause files or directories to be accessible. It is described as exploitable remot...

6.3CVSS6.1AI score0.00274EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/15 1:32 a.m.4 views

EUVD-2025-203322

A vulnerability was identified in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3. Affected by this vulnerability is an unknown functionality of the file /api/GylOperator/UpdatePasswordBatch. The manipulation leads to weak password recovery. The attack may be...

6.9CVSS6.2AI score0.00281EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/12/15 1:32 a.m.4 views

CVE-2025-14696 Shenzhen Sixun Software Sixun Shanghui Group Business Management System UpdatePasswordBatch password recovery

A vulnerability was identified in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3. Affected by this vulnerability is an unknown functionality of the file /api/GylOperator/UpdatePasswordBatch. The manipulation leads to weak password recovery. The attack may be...

6.9CVSS6.3AI score0.00281EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEV
added 2025/07/21 12:0 a.m.9 views

VulnCheck KEV: CVE-2025-4281

A vulnerability, which was classified as problematic, was found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7. This affects an unknown part of the file /api/GylOperator/LoadData. The manipulation leads to information disclosure. It is possible to initiate the attack...

5.3CVSS5AI score0.00279EPSS
In wildExploits0References2
NVD
NVD
added 2025/05/05 4:15 p.m.11 views

CVE-2025-4281

A vulnerability, which was classified as problematic, was found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7. This affects an unknown part of the file /api/GylOperator/LoadData. The manipulation leads to information disclosure. It is possible to initiate the attack...

5.3CVSS0.00279EPSS
Exploits0References4
CVE
CVE
added 2025/03/09 4:31 a.m.66 views

CVE-2025-2114

CVE-2025-2114 affects Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7, specifically the Reset Password Interface component and its OperatorStop.asp handling. The root cause is improper authorization due to manipulation of the OperId parameter in that endpoint, which may ...

6.3CVSS4.3AI score0.00581EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/05/05 12:0 a.m.4 views

bumsys 跨站脚本漏洞

bumsys is an open source project called Business Management System by unilogies individual developers. A cross-site scripting vulnerability exists in versions of bumsys prior to 2.2.0, which stems from a stored cross-site scripting XSS vulnerability...

5.4CVSS4.8AI score0.0037EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/05/05 12:0 a.m.14 views

bumsys 安全漏洞

bumsys is an open source project called Business Management System by unilogies individual developers. A security vulnerability exists in versions of bumsys prior to 2.2.0, which originates from an externally controlled file name or path...

7.2CVSS7AI score0.29134EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/05/05 12:0 a.m.6 views

bumsys 跨站请求伪造漏洞

bumsys is an open source project called Business Management System by the individual developers of unilogies. A cross-site request forgery vulnerability exists in versions of unilogies/bumsys prior to 2.1.1, which stems from the presence of cross-site request forgery...

8.8CVSS7.7AI score0.0043EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/05/05 12:0 a.m.5 views

bumsys 安全漏洞

bumsys is an open source project called Business Management System by unilogies individual developers. A security vulnerability exists in versions of bumsys prior to 2.1.1, which stems from an api processing endpoint that is allowed to contain local files that can be used to cause remote code...

8.8CVSS8.3AI score0.01914EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/03/14 12:0 a.m.3 views

Firmanet Business Management System 跨站脚本漏洞

Firmanet Business Management System is a business management system from Firmanet Corporation. A security vulnerability exists in Firmanet Business Management System, which arises from improper neutralization of input during web page generation, allowing XSS Targeting of HTML attributes...

6.1CVSS6.2AI score0.00372EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/24 12:0 a.m.4 views

bumsys 跨站脚本漏洞

bumsys is an open source project called Business Management System by unilogies individual developers. A cross-site scripting vulnerability exists in versions of bumsys prior to v2.0.1. Attackers use this vulnerability to execute cross-site scripting attacks...

5.4CVSS5.4AI score0.00479EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.5 views

bumsys 代码问题漏洞

bumsys is an open source project called Business Management System by unilogies individual developers. A code issue vulnerability exists in versions prior to bumsys v1.0.3-beta, which stems from the fact that it allows an attacker to upload dangerous types of files without restriction...

8.8CVSS7.5AI score0.05748EPSS
Exploits5References6
CNVD
CNVD
added 2021/06/09 12:0 a.m.14 views

SQL Injection Vulnerability in PCS Collection Operations Management System (CNVD-2021-43931)

Chengdu Qiangshi Technology Co., Ltd. is a high-tech enterprise integrating computer hardware and software development and sales. A SQL injection vulnerability exists in the PCS Collection Business Management System. An attacker can exploit the vulnerability to obtain sensitive information from t...

7.5AI score
Exploits0
Rows per page
Query Builder