Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

OSV
OSVadded 2026/01/19 10:16 p.m.2 views

CVE-2026-1177

A weakness has been identified in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /kmf/savefolder.jsp of the component HTTP GET Parameter Handler. Executing a manipulation of the argument folderid can lead to sql injection. It is possible to launch the atta...

9.8CVSS5.7AI score0.00048EPSS
Exploits0References4
NVD
NVDadded 2026/01/19 2:15 a.m.5 views

CVE-2026-1132

A vulnerability was found in Yonyou KSOA 9.0. The affected element is an unknown function of the file /kmf/editfolder.jsp of the component HTTP GET Parameter Handler. Performing a manipulation of the argument folderid results in sql injection. The attack can be initiated remotely. The exploit has...

9.8CVSS0.00015EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/01/19 1:2 a.m.4 views

CVE-2026-1131 Yonyou KSOA HTTP GET Parameter save_catalog.jsp sql injection

A vulnerability has been found in Yonyou KSOA 9.0. Impacted is an unknown function of the file /kmc/savecatalog.jsp of the component HTTP GET Parameter Handler. Such manipulation of the argument catalogid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS7.1AI score0.00015EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/01/19 12:0 a.m.1 views

Yonyou KSOA SQL injection vulnerability

Yonyou KSOA is an enterprise-level management software developed by Yonyou Corporation in China. Version 9.0 of Yonyou KSOA contains a SQL injection vulnerability, which stems from incorrect handling of the folderid parameter in the file/kmf/editfolder.jsp. This vulnerability may lead to SQL...

9.8CVSS7.2AI score0.00015EPSS
Exploits0References4
CVE
CVEadded 2026/01/02 7:2 a.m.8 views

CVE-2025-15434

Summary: CVE-2025-15434 affects Yonyou KSOA 9.0 via an SQL injection in an unknown function of the file /kp/PrintZPYG.jsp, caused by manipulating the zpjhid parameter. Reports indicate remote exploitation with the exploit publicly available. Multiple sources (NVD, Red Hat, CVE list, CNNVD, ENISA,...

9.8CVSS7.3AI score0.0002EPSS
Exploits1References4Affected Software1
CNNVD
CNNVDadded 2026/01/02 12:0 a.m.3 views

Yonyou KSOA SQL注入漏洞

Yonyou KSOA is an enterprise management software from China's Yonyou Corporation. A SQL injection vulnerability exists in Yonyou KSOA version 9.0, which originates from incorrect manipulation of the parameter ID in the file /worksheet/agentworksdel.jsp, which could lead to a SQL injection attack...

9.8CVSS7.7AI score0.00024EPSS
Exploits1References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-56586

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.02872EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2024/01/19 12:0 a.m.2 views

PT-2024-14324 · Yonyou · Yonyou Yonbip

Name of the Vulnerable Software and Affected Versions: yonyou YonBIP version 3 23.05 Description: An issue in yonyou YonBIP allows a remote attacker to execute arbitrary code via a crafted script to the ServiceDispatcherServlet uap.framework.rc.itf.IResourceManager component. Recommendations: For...

9.8CVSS9.4AI score0.02872EPSS
Exploits0References8
seebug.org
seebug.orgadded 2013/11/15 12:0 a.m.18 views

用友软件sql注射漏洞集合

简要描述: 详细说明: 漏洞第一枚http://www.yonyou.com.hk/new/enquiry.php?uid=1 漏洞第二枚http://www.yonyou.com.hk/new/downloadview.php?uid=4 漏洞第三枚http://www.yonyou.com.hk/new/incbodybanner2.php?uid=92 img src="https://images.seebug.org/upload/201310/13133736d517567...

7.1AI score
Exploits0
Rows per page
Query Builder