98 matches found
EUVD-2021-23846
Malware in sbrugna...
EUVD-2025-16008
Malicious code in bioql PyPI...
EUVD-2025-19258
Malicious code in bioql PyPI...
EUVD-2025-23519
Malicious code in bioql PyPI...
CVE-2025-8516
A security vulnerability has been detected in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. This issue affects the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file...
CVE-2025-8516
A security vulnerability has been detected in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. This issue affects the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file...
CVE-2025-8516 Kingdee Cloud-Starry-Sky Enterprise Edition IIS-K3CloudMiniApp FileUploadAction.class path traversal
A security vulnerability has been detected in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. This issue affects the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file...
CVE-2025-8516 Kingdee Cloud-Starry-Sky Enterprise Edition IIS-K3CloudMiniApp FileUploadAction.class path traversal
A security vulnerability has been detected in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. This issue affects the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file...
CVE-2025-8516
CVE-2025-8516 affects Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. The vulnerability is in BaseServiceFactory.getFileUploadService.deleteFileAction within K3Cloud\BBCMallSite\WEB-INF\lib\Kingdee.K3.O2O.Base.WebApp.jar!kingdee\k3\o2o\base\webapp\action\FileUploadAction.class of the IIS-K...
Kingdee Cloud-Starry-Sky Enterprise Edition 路径遍历漏洞
Kingdee Cloud-Starry-Sky Enterprise Edition is a digital transformation solution for growing enterprises from China's Kingdee. A path traversal vulnerability exists in Kingdee Cloud-Starry-Sky Enterprise Edition 8.2 and earlier versions, which stems from path traversal due to incorrect operation ...
PT-2025-31821 · Unknown +1 · Iis-K3Cloudminiapp +1
Name of the Vulnerable Software and Affected Versions: Kingdee Cloud-Starry-Sky Enterprise Edition versions prior to 8.2 Description: A path traversal issue exists in the BaseServiceFactory.getFileUploadService.deleteFileAction function within the...
CVE-2025-6761
A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition 6.x/7.x/8.x/9.0. It has been rated as critical. Affected by this issue is the function plugin.buildMobilePopHtml of the file \k3\o2o\bos\webapp\action\DynamicForm 4 Action.class of the component Freemarker Engine. The...
CVE-2025-6761
A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition 6.x/7.x/8.x/9.0. It has been rated as critical. Affected by this issue is the function plugin.buildMobilePopHtml of the file \k3\o2o\bos\webapp\action\DynamicForm 4 Action.class of the component Freemarker Engine. The...
CVE-2025-6761
CVE-2025-6761 affects Kingdee Cloud-Starry-Sky Enterprise Edition (versions 6.x–9.0). The root cause is improper neutralization of special elements in the Freemarker Engine template processing, specifically in the function plugin.buildMobilePopHtml inside DynamicForm 4 Action.class. This can enab...
CVE-2025-6761 Kingdee Cloud-Starry-Sky Enterprise Edition Freemarker Engine DynamicForm 4 Action.class plugin.buildMobilePopHtml special elements used in a template engine
A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition 6.x/7.x/8.x/9.0. It has been rated as critical. Affected by this issue is the function plugin.buildMobilePopHtml of the file \k3\o2o\bos\webapp\action\DynamicForm 4 Action.class of the component Freemarker Engine. The...
CVE-2025-6761 Kingdee Cloud-Starry-Sky Enterprise Edition Freemarker Engine DynamicForm 4 Action.class plugin.buildMobilePopHtml special elements used in a template engine
A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition 6.x/7.x/8.x/9.0. It has been rated as critical. Affected by this issue is the function plugin.buildMobilePopHtml of the file \k3\o2o\bos\webapp\action\DynamicForm 4 Action.class of the component Freemarker Engine. The...
PT-2025-27075 · Kingdee +1 · Kingdee Cloud-Starry-Sky Enterprise Edition +1
Name of the Vulnerable Software and Affected Versions: Kingdee Cloud-Starry-Sky Enterprise Edition versions 6.x through 9.0 Description: A critical issue has been found, affecting the function plugin.buildMobilePopHtml of the file k3o2oboswebappactionDynamicForm 4 Action.class of the component...
Kingdee Cloud-Starry-Sky Enterprise Edition 安全漏洞
Kingdee Cloud-Starry-Sky Enterprise Edition is a digital transformation solution for growing enterprises from Kingdee, China. A security vulnerability exists in Kingdee Cloud-Starry-Sky Enterprise Edition version 6.x, 7.x, 8.x, and 9.0, which stems from improper neutralization of template element...
CVE-2025-5029
A vulnerability has been found in Kingdee Cloud Galaxy Private Cloud BBC System up to 9.0 Patch April 2025 and classified as critical. Affected by this vulnerability is the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file fileUpload/deleteFileAction.jhtml of the...
CVE-2021-37274
Kingdee KIS Professional Edition has a privilege escalation vulnerability. Attackers can use the vulnerability to gain computer administrator rights via unspecified loopholes...