CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2026/02/03 12:0 a.m.•1 views

UFIDA U8 Cloud suffers from SQL injection vulnerability (CNVD-C-2026-69427)

5.8AI score

CNVD•added 2026/02/03 12:0 a.m.•3 views

UFIDA U8 Cloud suffers from SQL injection vulnerability (CNVD-C-2026-69425)

5.8AI score

RedhatCVE•added 2026/01/09 9:25 a.m.•4 views

CVE-2023-4748

A vulnerability, which was classified as critical, has been found in Yongyou UFIDA-NC up to 20230807. This issue affects some unknown processing of the file PrintTemplateFileServlet.java. The manipulation of the argument filePath leads to path traversal. The attack may be initiated remotely. The...

7.5CVSS7.3AI score0.00121EPSS

Exploits1References1

CNVD•added 2026/01/04 12:0 a.m.•1 views

Command Execution Vulnerability in U8 Cloud of UFIDA Network Technology Corporation (CNVD-C-2026-26052)

U8 Cloud is a new-generation cloud ERP Enterprise Resource Planning solution launched by UFIDA, mainly for growing and innovative enterprises, aiming to provide a comprehensive enterprise-level cloud ERP total solution. A command execution vulnerability exists in UFIDA U8 Cloud, which can be...

6.1AI score

CNVD•added 2025/12/31 12:0 a.m.•3 views

SQL injection vulnerability in U8+ Channel Management (Advanced Edition) at UFIDA Network Technology Co. Ltd (CNVD-C-2025-1245200)

U8+ Channel Management Advanced Edition is a set of channel management software, together with U8+ supply chain system and financial system, extending the enterprise management radius from the internal enterprise to the distribution channels and sales terminals. A SQL injection vulnerability exis...

RedhatCVE•added 2025/12/08 1:11 p.m.•2 views

CVE-2025-14190

A flaw has been found in Chanjet TPlus up to 20251121. Affected by this vulnerability is an unknown functionality of the file /tplus/ajaxpro/Ufida.T.SM.UIP.MultiCompanySettingController,Ufida.T.SM.UIP.ashx?method=Load. This manipulation of the argument currentAccId causes sql injection. It is...

7.5CVSS6.7AI score0.0003EPSS

Exploits0References1

NVD•added 2025/12/07 1:15 p.m.•1 views

CVE-2025-14190

7.5CVSS0.0003EPSS

Cvelist•added 2025/12/07 12:2 p.m.•14 views

CVE-2025-14190 Chanjet TPlus sql injection

7.5CVSS0.0003EPSS

CVE•added 2025/12/07 12:2 p.m.•9 views

CVE-2025-14190

Chanjet TPlus is affected by CVE-2025-14190 through a SQL injection in the parameter currentAccId used by the Load path: /tplus/ajaxpro/Ufida.T.SM.UIP.MultiCompanySettingController,Ufida.T.SM.UIP.ashx?method=Load. The flaw, exploitable remotely, stems from the unknown/undocumented functionality a...

7.5CVSS7.1AI score0.0003EPSS

Vulnrichment•added 2025/12/07 12:2 p.m.•1 views

CVE-2025-14190 Chanjet TPlus sql injection

7.5CVSS6.4AI score0.0003EPSS

Positive Technologies•added 2025/12/07 12:0 a.m.•1 views

PT-2025-49403

Name of the Vulnerable Software and Affected Versions Chanjet TPlus versions prior to 20251121 Description A flaw exists in Chanjet TPlus that allows for SQL injection. The issue is related to the manipulation of the currentAccId argument within the file...

7.5CVSS7.4AI score0.0003EPSS

Exploits0References11

CNVD•added 2025/11/26 12:0 a.m.•1 views

UFIDA U8 Cloud suffers from SQL injection vulnerability (CNVD-2026-12149)

CNVD•added 2025/11/24 12:0 a.m.•1 views

UFIDA U9 Multi-Organization Enterprise Internet Application Platform of UFIDA Network Technology Co.

UFIDA is a leading provider of management software, ERP software, group management software, human resource management software, customer relationship management software, small business management software, financial and administrative institution management software, automotive industry...

CNVD•added 2025/11/18 12:0 a.m.•2 views

Directory Traversal Vulnerability in UFIDA BIP Data Application Service of UFIDA Network Technology Co.

CNVD•added 2025/11/18 12:0 a.m.•2 views

SQL Injection Vulnerability in UFIDA BIP Data Application Service of UFIDA Network Technology Co. Ltd (CNVD-C-2025-879635)