372 matches found
CVE-2025-25325
An issue in Yibin Fengguan Network Technology Co., Ltd YuPao DirectHire iOS 8.8.0 allows attackers to access sensitive user information via supplying a crafted link...
CVE-2025-25325
An issue in Yibin Fengguan Network Technology Co., Ltd YuPao DirectHire iOS 8.8.0 allows attackers to access sensitive user information via supplying a crafted link...
CVE-2025-25325
CVE-2025-25325 affects YuPao DirectHire for iOS 8.8.0. The issue allows attackers to access sensitive user information when a crafted link is supplied. Reported impact is confidentiality (high) with a CVSS v3.1 base score of 5.5 (medium); attack vector is Local, required user interaction, and no ...
SQL Injection Vulnerability in Data Application Server of UFIDA Network Technology Co.
UFIDA is a leading provider of management software, ERP software, group management software, human resource management software, customer relationship management software, small business management software, financial and administrative institution management software, automotive industry...
SQL Injection Vulnerability in UFIDA NC of UFIDA Network Technology Co.
UFIDA NC is a comprehensive business management software for large enterprises. A SQL injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in UFIDA NC of UFIDA Network Technology Co. Ltd (CNVD-C-2024-947797)
UFIDA NC is a large erp enterprise management system and e-commerce platform. A SQL injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive database information...
Command Execution Vulnerability in UFIDA NC at UFIDA Network Technology Co.
UFIDA NC is a large erp enterprise management system and e-commerce platform. A command execution vulnerability exists in UFIDA NC, which can be exploited by an attacker to execute arbitrary commands...
Arbitrary File Read Vulnerability in YonBIP of UFIDA Network Technology Co.
YonBIP is a new generation of UFIDA's world-leading enterprise digital intelligence platform and application software, which UFIDA began to strategically invest in and develop at scale in 2017. An arbitrary file read vulnerability exists in YonBIP of UFIDA Network Technology Corporation, which ca...
Arbitrary File Read Vulnerability in UFIDA NC at UFIDA Network Technology Co.
UFIDA NC is a large erp enterprise management system and e-commerce platform. UFIDA NC suffers from an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information...
XML Entity Injection Vulnerability in UFIDA NC at UFIDA Network Technology Co.
UFIDA NC is a comprehensive business management software for large enterprises. An XML entity injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive information...
Information Disclosure Vulnerability in YonBIP of UFIDA Network Technology Co.
YonBIP is a digital intelligence business innovation platform created by UFIDA Group, aiming to help enterprises realize digital intelligence transformation and business innovation. An information leakage vulnerability exists in YonBIP of UFIDA Network Technology Corporation, which can be exploit...
CVE-2024-51419
Cross Site Scripting vulnerability in Shenzhen Interconnection Harbor Network Technology Co., Ltd Ofweek Online Exhibition v.1.0.0 allows a remote attacker to execute arbitrary code...
CVE-2024-51419
Cross Site Scripting vulnerability in Shenzhen Interconnection Harbor Network Technology Co., Ltd Ofweek Online Exhibition v.1.0.0 allows a remote attacker to execute arbitrary code...
Information Leakage Vulnerability in AIFL Flow Control Router of AllConvergence Network Technology (Beijing) Co.
AiFast Flow Control Router is a router product of Quanxun Convergence Network Technology Beijing Co. Ltd. AiFast Flow Control Router has an information leakage vulnerability that can be exploited by attackers to obtain sensitive information...
CVE-2024-44439
CVE-2024-44439 concerns Shanghai Zhouma Network Technology CO., Ltd IMS Intelligent Manufacturing Collaborative Internet of Things System v1.9.1. The available sources describe a vulnerability that could allow a remote attacker to escalate privileges via an open port. Affected component/version: ...
Command Execution Vulnerability in FW Next Generation Firewall of Shanghai Bingfeng Computer Network Technology Co.
Shanghai Bingfeng Computer Network Technology Co., Ltd. specializes in the research and development and sales of VPN, firewall, Internet behavior management and other network security products, and is committed to providing China's network communication operators and enterprises and institutions...
File upload vulnerability exists in U8+CRM of UFIDA Network Technology Co.(CNVD-2024-39247)
U8+CRM is a management software designed specifically for the agency sales and service industry that integrates CRM, call center, and OA core applications and provides integrated applications for front-end marketing, back-end business processing, and employee management. A file upload vulnerabili...
CVE-2024-8165
A vulnerability was identified in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. This vulnerability affects the function exportZip of the file /admin/filemanager/export. Such manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit i...
CVE-2024-8165 Chengdu Everbrite Network Technology BeikeShop export exportZip path traversal
A vulnerability was identified in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. This vulnerability affects the function exportZip of the file /admin/filemanager/export. Such manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit i...
CVE-2024-8165
BeikeShop (Chengdu Everbrite Network Technology) vulnerable up to version 1.5.5 due to a path traversal in the exportZip function of /admin/file_manager/export. The issue arises from manipulation of the path argument, enabling remote exploitation. Public exploit availability is noted; upgrading t...