Lucene search

8 matches found

Vulnrichment
added 2025/08/24 2:32 p.m. · 2 views

CVE-2025-9391 Bjskzy Zhiyou ERP com.artery.workflow.ServiceImpl getFieldValue sql injection

A weakness has been identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this issue is the function getFieldValue of the component com.artery.workflow.ServiceImpl. This manipulation of the argument sql causes sql injection. The attack may be initiated remotely. The exploit has been made...

CVSS 6.5 · AI score 7.3 · EPSS 0.00061
Exploits: 1 · References: 4

CVE
added 2025/08/24 2:32 p.m. · 14 views

CVE-2025-9391

Vulnerability CVE-2025-9391 affects Bjskzy Zhiyou ERP (versions up to 11.x). The flaw is in com.artery.workflow.ServiceImpl.getFieldValue, where improper handling of the sql argument enables SQL injection. Exploitation can be remote and publicly available PoCs are reported. Affected products and ...

CVSS 9.8 · AI score 6.6 · EPSS 0.00061
Exploits: 1 · References: 5 · Affected Software: 1

Cvelist
added 2025/08/24 2:32 p.m. · 9 views

CVE-2025-9391 Bjskzy Zhiyou ERP com.artery.workflow.ServiceImpl getFieldValue sql injection

A weakness has been identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this issue is the function getFieldValue of the component com.artery.workflow.ServiceImpl. This manipulation of the argument sql causes sql injection. The attack may be initiated remotely. The exploit has been made...

CVSS 6.5 · EPSS 0.00061
Exploits: 1 · References: 4

Positive Technologies
added 2025/08/24 12:0 a.m. · 7 views

PT-2025-34567 · Unknown · Bjskzy Zhiyou Erp

Name of the Vulnerable Software and Affected Versions: Bjskzy Zhiyou ERP versions prior to 11.1

Description: A weakness has been identified in Bjskzy Zhiyou ERP that allows for remote SQL injection. The issue is related to the manipulation of the sql argument within the getFieldValue function of...

CVSS 6.5 · AI score 6.9 · EPSS 0.00061
Exploits: 1 · References: 10

NVD
added 2020/04/22 9:15 p.m. · 10 views

CVE-2020-10911

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 · AI score 7.9 · EPSS 0.00374
Exploits: 0 · References: 2

Cvelist
added 2020/04/22 8:51 p.m. · 12 views

CVE-2020-10911

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 · AI score 7.9 · EPSS 0.00374
Exploits: 0 · References: 2

CNVD
added 2020/04/17 12:0 a.m. · 2 views

Foxit Reader and PhantomPDF Type Obfuscation Remote Code Execution Vulnerability (CNVD-2020-24446)

Foxit Reader and Foxit PhantomPDF are both PDF document readers from the Chinese company Foxit. A security vulnerability exists in the handling of the GetFieldValue command in Foxit Reader and Foxit PhantomPDF 9.7.1.29511 and earlier versions for Windows-based platforms, which stems from the progra...

CVSS 7.8 · AI score 7.4 · EPSS 0.00374
Exploits: 0 · References: 1

Zero Day Initiative
added 2020/04/16 12:0 a.m. · 30 views

Foxit PhantomPDF GetFieldValue Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

CVSS 7.8 · AI score 2.2 · EPSS 0.00374
Exploits: 0 · References: 1