CVE-2025-11139
Summary (CVE-2025-11139): Bjskzy Zhiyou ERP (versions up to 11.0) is affected by a path traversal vulnerability in the function uploadStudioFile of the component com.artery.form.services.FormStudioUpdater. The vulnerability stems from manipulating the filepath argument, enabling path traversal an...