Lucene search
K

35 matches found

CNVD
CNVD
added 2026/02/04 12:0 a.m.5 views

UFIDA U8 Cloud suffers from SQL injection vulnerability (CNVD-C-2026-72551)

U8 Cloud is a new-generation cloud ERP Enterprise Resource Planning solution launched by UFIDA, mainly for growing and innovative enterprises, aiming to provide a comprehensive enterprise-level cloud ERP total solution. A SQL injection vulnerability exists in UFIDA U8 Cloud, which can be exploite...

5.8AI score
Exploits0
CNVD
CNVD
added 2026/02/03 12:0 a.m.4 views

UFIDA U8 Cloud suffers from SQL injection vulnerability (CNVD-C-2026-69425)

U8 Cloud is a new-generation cloud ERP Enterprise Resource Planning solution launched by UFIDA, mainly for growing and innovative enterprises, aiming to provide a comprehensive enterprise-level cloud ERP total solution. A SQL injection vulnerability exists in UFIDA U8 Cloud, which can be exploite...

5.8AI score
Exploits0
CNVD
CNVD
added 2026/02/03 12:0 a.m.5 views

UFIDA U8 Cloud suffers from SQL injection vulnerability (CNVD-C-2026-69427)

U8 Cloud is a new-generation cloud ERP Enterprise Resource Planning solution launched by UFIDA, mainly for growing and innovative enterprises, aiming to provide a comprehensive enterprise-level cloud ERP total solution. A SQL injection vulnerability exists in UFIDA U8 Cloud, which can be exploite...

5.8AI score
Exploits0
CNVD
CNVD
added 2026/01/04 12:0 a.m.1 views

Command Execution Vulnerability in U8 Cloud of UFIDA Network Technology Corporation (CNVD-C-2026-26052)

U8 Cloud is a new-generation cloud ERP Enterprise Resource Planning solution launched by UFIDA, mainly for growing and innovative enterprises, aiming to provide a comprehensive enterprise-level cloud ERP total solution. A command execution vulnerability exists in UFIDA U8 Cloud, which can be...

6.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/08 5:14 a.m.8 views

CVE-2025-14185

A vulnerability was identified in Yonyou U8 Cloud 5.0/5.0sp/5.1/5.1sp. The affected element is an unknown function of the file nc/pubitf/erm/mobile/appservice/AppServletService.class. Such manipulation of the argument usercode leads to sql injection. The attack may be launched remotely. The explo...

6.5CVSS7AI score0.002EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/07 6:30 a.m.6 views

EUVD-2025-201593

A vulnerability was identified in Yonyou U8 Cloud 5.0/5.0sp/5.1/5.1sp. The affected element is an unknown function of the file nc/pubitf/erm/mobile/appservice/AppServletService.class. Such manipulation of the argument usercode leads to sql injection. The attack may be launched remotely. The explo...

6.5CVSS6.4AI score0.002EPSS
Exploits0References5
NVD
NVD
added 2025/12/07 5:15 a.m.6 views

CVE-2025-14185

A vulnerability was identified in Yonyou U8 Cloud 5.0/5.0sp/5.1/5.1sp. The affected element is an unknown function of the file nc/pubitf/erm/mobile/appservice/AppServletService.class. Such manipulation of the argument usercode leads to sql injection. The attack may be launched remotely. The explo...

6.5CVSS0.002EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/07 5:2 a.m.5 views

CVE-2025-14185 Yonyou U8 Cloud AppServletService.class sql injection

A vulnerability was identified in Yonyou U8 Cloud 5.0/5.0sp/5.1/5.1sp. The affected element is an unknown function of the file nc/pubitf/erm/mobile/appservice/AppServletService.class. Such manipulation of the argument usercode leads to sql injection. The attack may be launched remotely. The explo...

6.5CVSS6.6AI score0.002EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/07 5:2 a.m.21 views

CVE-2025-14185 Yonyou U8 Cloud AppServletService.class sql injection

A vulnerability was identified in Yonyou U8 Cloud 5.0/5.0sp/5.1/5.1sp. The affected element is an unknown function of the file nc/pubitf/erm/mobile/appservice/AppServletService.class. Such manipulation of the argument usercode leads to sql injection. The attack may be launched remotely. The explo...

6.5CVSS0.002EPSS
Exploits0References4
CVE
CVE
added 2025/12/07 5:2 a.m.15 views

CVE-2025-14185

Yonyou U8 Cloud versions 5.0/5.0sp/5.1/5.1sp are affected by a SQL injection in an unknown function of nc/pubitf/erm/mobile/appservice/AppServletService.class. The vulnerability stems from manipulation of the usercode argument and can be exploited remotely. An exploit is publicly available; the v...

6.5CVSS6.4AI score0.002EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/07 12:0 a.m.7 views

PT-2025-49396

A vulnerability was identified in Yonyou U8 Cloud 5.0/5.0sp/5.1/5.1sp. The affected element is an unknown function of the file nc/pubitf/erm/mobile/appservice/AppServletService.class. Such manipulation of the argument usercode leads to sql injection. The attack may be launched remotely. The explo...

6.5CVSS7.1AI score0.002EPSS
Exploits0References5
CNVD
CNVD
added 2025/11/26 12:0 a.m.2 views

UFIDA U8 Cloud suffers from SQL injection vulnerability (CNVD-2026-12149)

U8 Cloud is a new-generation cloud ERP Enterprise Resource Planning solution launched by UFIDA, mainly for growing and innovative enterprises, aiming to provide a comprehensive enterprise-level cloud ERP total solution. A SQL injection vulnerability exists in UFIDA U8 Cloud, which can be exploite...

5.9AI score
Exploits0
CNVD
CNVD
added 2025/11/06 12:0 a.m.1 views

UFIDA U8 Cloud suffers from SQL injection vulnerabilities (CNVD-C-2025-796292)

U8 Cloud is a new-generation cloud ERP Enterprise Resource Planning solution launched by UFIDA, mainly for growing and innovative enterprises, aiming to provide a comprehensive enterprise-level cloud ERP total solution. A SQL injection vulnerability exists in UFIDA U8 Cloud, which can be exploite...

5.9AI score
Exploits0
CNVD
CNVD
added 2025/11/04 12:0 a.m.5 views

Remote Code Execution Vulnerability in U8 Cloud of UFIDA Network Technology Co.

U8 Cloud is a new-generation cloud ERP Enterprise Resource Planning solution launched by UFIDA, mainly for growing and innovative enterprises, aiming to provide a comprehensive enterprise-level cloud ERP total solution. A remote code execution vulnerability exists in UFIDA U8 Cloud, which can be...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/10/29 2:16 a.m.15 views

CVE-2025-12344

A vulnerability has been found in Yonyou U8 Cloud up to 5.1sp. The impacted element is an unknown function of the file /service/NCloudGatewayServlet of the component Request Header Handler. Such manipulation of the argument ts/sign leads to unrestricted upload. The attack may be performed from...

6.5CVSS6.4AI score0.00234EPSS
Exploits0References1
NVD
NVD
added 2025/10/28 2:15 a.m.7 views

CVE-2025-12344

A vulnerability has been found in Yonyou U8 Cloud up to 5.1sp. The impacted element is an unknown function of the file /service/NCloudGatewayServlet of the component Request Header Handler. Such manipulation of the argument ts/sign leads to unrestricted upload. The attack may be performed from...

6.5CVSS0.00234EPSS
Exploits0References4
CVE
CVE
added 2025/10/28 1:32 a.m.15 views

CVE-2025-12344

Summary : CVE-2025-12344 affects Yonyou U8 Cloud up to 5.1sp. The vulnerability lies in an unknown function within /service/NCloudGatewayServlet (Request Header Handler) where manipulation of the ts/sign argument enables an unrestricted file upload. Exploitation can be performed remotely, and pub...

6.5CVSS6.2AI score0.00234EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/28 1:32 a.m.10 views

CVE-2025-12344 Yonyou U8 Cloud Request Header NCloudGatewayServlet unrestricted upload

A vulnerability has been found in Yonyou U8 Cloud up to 5.1sp. The impacted element is an unknown function of the file /service/NCloudGatewayServlet of the component Request Header Handler. Such manipulation of the argument ts/sign leads to unrestricted upload. The attack may be performed from...

6.5CVSS0.00234EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/28 1:32 a.m.2 views

CVE-2025-12344 Yonyou U8 Cloud Request Header NCloudGatewayServlet unrestricted upload

A vulnerability has been found in Yonyou U8 Cloud up to 5.1sp. The impacted element is an unknown function of the file /service/NCloudGatewayServlet of the component Request Header Handler. Such manipulation of the argument ts/sign leads to unrestricted upload. The attack may be performed from...

6.5CVSS6.2AI score0.00234EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/28 12:0 a.m.7 views

Yonyou U8 Cloud 代码问题漏洞

Yonyou U8 Cloud is a cloud-based enterprise management system from China's UFIDA Yonyou Corporation. A code issue vulnerability exists in Yonyou U8 Cloud 5.1sp and earlier versions, which stems from incorrect manipulation of the parameter ts/sign in the file/service/NCloudGatewayServlet, which...

6.5CVSS6.5AI score0.00234EPSS
Exploits0References5
Rows per page
Query Builder