35 matches found
Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting XSS via the langcode parameter in /help/systop.jsp and /help/top.jsp. Unsanitized user input is reflected in the response, allowing arbitrary JavaScript execution. id: CVE-2025-2711 info: name: Yonyou UFIDA ERP-NC V5.0 -...
Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting XSS via the key and redirect parameters in login.jsp. Unsanitized user input is reflected in the response, allowing arbitrary JavaScript execution. id: CVE-2025-2709 info: name: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scriptin...
EUVD-2025-8023
Malicious code in bioql PyPI...
EUVD-2025-8013
Malicious code in bioql PyPI...
EUVD-2025-8030
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2025-2712
A vulnerability was found in Yonyou UFIDA ERP-NC 5.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /help/top.jsp. The manipulation of the argument langcode leads to cross site scripting. The attack can be launched remotely. The exploi...
Yonyou UFIDA ERP-NC /help/top.jsp file cross-site scripting vulnerability
Yonyou UFIDA ERP-NC is a kind of Enterprise Resource Planning ERP software, which is mainly used for financial management, supply chain management, production management and customer relationship management of enterprises. Yonyou UFIDA ERP-NC suffers from a cross-site scripting vulnerability that...
Yonyou UFIDA ERP-NC /login.jsp file cross-site scripting vulnerability
Yonyou UFIDA ERP-NC is a kind of Enterprise Resource Planning ERP software, which is mainly used for financial management, supply chain management, production management and customer relationship management of enterprises. Yonyou UFIDA ERP-NC suffers from a cross-site scripting vulnerability that...
Yonyou UFIDA ERP-NC /help/systop.jsp file cross-site scripting vulnerability
Yonyou UFIDA ERP-NC is a kind of Enterprise Resource Planning ERP software, which is mainly used for financial management, supply chain management, production management and customer relationship management of enterprises. Yonyou UFIDA ERP-NC suffers from a cross-site scripting vulnerability, whi...
Yonyou UFIDA ERP-NC /menu.jsp file cross-site scripting vulnerability
Yonyou UFIDA ERP-NC is a kind of Enterprise Resource Planning ERP software, which is mainly used for financial management, supply chain management, production management and customer relationship management of enterprises. Yonyou UFIDA ERP-NC suffers from a cross-site scripting vulnerability that...
CVE-2025-2712
A vulnerability was found in Yonyou UFIDA ERP-NC 5.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /help/top.jsp. The manipulation of the argument langcode leads to cross site scripting. The attack can be launched remotely. The exploi...
CVE-2025-2710
A vulnerability was found in Yonyou UFIDA ERP-NC 5.0 and classified as problematic. This issue affects some unknown processing of the file /menu.jsp. The manipulation of the argument flag leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...
CVE-2025-2709
A vulnerability has been found in Yonyou UFIDA ERP-NC 5.0 and classified as problematic. This vulnerability affects unknown code of the file /login.jsp. The manipulation of the argument key/redirect leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...
CVE-2025-2712 Yonyou UFIDA ERP-NC top.jsp cross site scripting
A vulnerability was found in Yonyou UFIDA ERP-NC 5.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /help/top.jsp. The manipulation of the argument langcode leads to cross site scripting. The attack can be launched remotely. The exploi...
CVE-2025-2712
CVE-2025-2712 affects Yonyou UFIDA ERP-NC 5.0. The vulnerability is a reflected cross-site scripting (XSS) in the langcode parameter, impacting /help/top.jsp (and, per related templates, /help/systop.jsp). Root cause: unsanitized input reflected in the response, enabling arbitrary JavaScript exec...
CVE-2025-2712 Yonyou UFIDA ERP-NC top.jsp cross site scripting
A vulnerability was found in Yonyou UFIDA ERP-NC 5.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /help/top.jsp. The manipulation of the argument langcode leads to cross site scripting. The attack can be launched remotely. The exploi...
CVE-2025-2710
A vulnerability was found in Yonyou UFIDA ERP-NC 5.0 and classified as problematic. This issue affects some unknown processing of the file /menu.jsp. The manipulation of the argument flag leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...
CVE-2025-2710
A vulnerability was found in Yonyou UFIDA ERP-NC 5.0 and classified as problematic. This issue affects some unknown processing of the file /menu.jsp. The manipulation of the argument flag leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...
CVE-2025-2711 Yonyou UFIDA ERP-NC systop.jsp cross site scripting
A vulnerability was found in Yonyou UFIDA ERP-NC 5.0. It has been classified as problematic. Affected is an unknown function of the file /help/systop.jsp. The manipulation of the argument langcode leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-2711
CVE-2025-2711 affects Yonyou UFIDA ERP-NC v5.0. Affected component: the /help/systop.jsp (and /help/top.jsp via langcode). Root cause: manipulation of the langcode input leads to reflected cross-site scripting (XSS). Impact: attackers can remotely exploit to execute arbitrary JavaScript in victim...