CVE-2026-1218

CVE-2026-1218 affects Bjskzy Zhiyou ERP up to version 11.0. The vulnerability targets the function initRCForm in the file RichClientService.class of the component com.artery.richclient.RichClientService , where manipulation can trigger an XML External Entity (XXE) reference. It is exploitable rem...

CVE-2025-11140 Bjskzy Zhiyou ERP com.artery.richclient.RichClientService openForm xml external entity reference

A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is the function openForm of the component com.artery.richclient.RichClientService. Such manipulation of the argument contentString leads to xml external entity reference. The attack can be executed...

CVE-2025-11140 Bjskzy Zhiyou ERP com.artery.richclient.RichClientService openForm xml external entity reference

A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is the function openForm of the component com.artery.richclient.RichClientService. Such manipulation of the argument contentString leads to xml external entity reference. The attack can be executed...

PT-2025-39809

Name of the Vulnerable Software and Affected Versions Bjskzy Zhiyou ERP versions prior to 11.0 Description A flaw exists in Bjskzy Zhiyou ERP that could allow for remote manipulation. The issue is related to the openForm function within the com.artery.richclient.RichClientService component...

Bjskzy Zhiyou ERP 代码问题漏洞

Bjskzy Zhiyou ERP is an Enterprise Resource Planning software from Bjskzy Beijing, China. A code issue vulnerability exists in Bjskzy Zhiyou ERP version 11.0 and prior versions, which stems from the incorrect manipulation of the parameter contentString of the function openForm in the component...