EUVD-2025-14331

Malicious code in bioql PyPI...

CVE-2025-4531

A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOT\WEB-INF\classes\com\ours\www\ehr\salary\service\data\EhrSalaryPayrollServiceImpl.class of the component Beetl Template...

CVE-2025-4531

A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOT\WEB-INF\classes\com\ours\www\ehr\salary\service\data\EhrSalaryPayrollServiceImpl.class of the component Beetl Template...

CVE-2025-4531 Seeyon Zhiyuan OA Web Application System Beetl Template EhrSalaryPayrollServiceImpl.class postData code injection

A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOT\WEB-INF\classes\com\ours\www\ehr\salary\service\data\EhrSalaryPayrollServiceImpl.class of the component Beetl Template...

CVE-2025-4531 Seeyon Zhiyuan OA Web Application System Beetl Template EhrSalaryPayrollServiceImpl.class postData code injection

A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOT\WEB-INF\classes\com\ours\www\ehr\salary\service\data\EhrSalaryPayrollServiceImpl.class of the component Beetl Template...

CVE-2025-4531

CVE-2025-4531 affects Seeyon Zhiyuan OA Web Application System 8.1 SP2, specifically Beetl Template Handler’s EhrSalaryPayrollServiceImpl.postData. The payrollId argument is manipulated to cause code injection; attack vector is network with low complexity and no user interaction, and exploitation...

PT-2025-20653 · Unknown · Seeyon Zhiyuan Oa Web Application System

Name of the Vulnerable Software and Affected Versions: Seeyon Zhiyuan OA Web Application System version 8.1 SP2 Description: A critical issue affects the function postData of the file ROOTWEB-INFclassescomourswwwehrsalaryservicedataEhrSalaryPayrollServiceImpl.class of the component Beetl Template...

jfinal cms 安全漏洞

jfinal cms is a java development of powerful information consulting website , using a simple and powerful JFinal as the web framework , template engine with beetl , database with mysql , front-end bootstrap framework . jfinal cms v5.1.0 version of a security vulnerability , the source of the...

Jfinal CMS SQL Injection Vulnerability

Jfinal CMS is a powerful information consulting website developed by java, using the simple and powerful JFinal as a web framework, template engine with beetl, database with mysql, front-end bootstrap framework. jfinal CMS version 5.1 has a SQL injection vulnerability, the vulnerability originate...

XSS Vulnerability in jfinal cms User Profile Edit

jfinal cms is a java development of powerful information consulting website , using a simple and powerful JFinal as the web framework , template engine with beetl, database with mysql, front-end bootstrap framework. jfinal cms user profile editing XSS vulnerability , an attacker can exploit the...

XSS Vulnerability at jfinal cms publishing blog posts

jfinal cms is a java development of powerful information consulting website , using a simple and powerful JFinal as the web framework , template engine with beetl, database with mysql, front-end bootstrap framework. jfinal cms publish blog posts at the existence of XSS vulnerabilities , attackers...

Jfinal cms backend has arbitrary file read vulnerability

Jfinal cms uses JFinal as a web framework , template engine with beetl, database with mysql, front-end bootstrap, flat ui and other frameworks. Jfinal cms backend exists arbitrary file read vulnerability. Attackers can use the vulnerability to read the database configuration file...