Lucene search
K

58 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:25 a.m.7 views

CVE-2023-4748

A vulnerability, which was classified as critical, has been found in Yongyou UFIDA-NC up to 20230807. This issue affects some unknown processing of the file PrintTemplateFileServlet.java. The manipulation of the argument filePath leads to path traversal. The attack may be initiated remotely. The...

7.5CVSS7.3AI score0.00765EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-19039

Malicious code in bioql PyPI...

10CVSS6.6AI score0.00501EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-54596

Malicious code in bioql PyPI...

7.5CVSS6.8AI score0.00765EPSS
Exploits1References3
NVD
NVD
added 2025/06/24 2:15 a.m.9 views

CVE-2025-34039

A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet bsh.servlet.BshServlet without proper access controls. The servlet allows unauthenticated remote attackers to execute arbitrary Java code via the bsh.script parameter. This...

10CVSS0.00501EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/06/24 1:7 a.m.5 views

CVE-2025-34039 Yonyou NC BeanShell Command Injection

A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet bsh.servlet.BshServlet without proper access controls. The servlet allows unauthenticated remote attackers to execute arbitrary Java code via the bsh.script parameter. This...

10CVSS8.2AI score0.00501EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/24 12:0 a.m.5 views

Yonyou UFIDA NC 安全漏洞

Yonyou UFIDA NC is a high-end management software from China's UFIDA Yonyou Corporation. A security vulnerability exists in Yonyou UFIDA NC v6.5 and prior versions, which originates from a code injection attack due to exposure of a BeanShell test servlet...

10CVSS7.2AI score0.00501EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-34039

A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet bsh.servlet.BshServlet without proper access controls. The servlet allows unauthenticated remote attackers to execute arbitrary Java code via the bsh.script parameter. This...

10CVSS6.2AI score0.00501EPSS
In wildExploits0References87
CNVD
CNVD
added 2025/02/21 12:0 a.m.7 views

SQL Injection Vulnerability in UFIDA NC of UFIDA Network Technology Co.

UFIDA NC is a comprehensive business management software for large enterprises. A SQL injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2025/01/14 12:0 a.m.9 views

SQL Injection Vulnerability in UFIDA NC of UFIDA Network Technology Co.

UFIDA NC is a large erp enterprise management system and e-commerce platform. A SQL injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2024/12/07 12:0 a.m.4 views

SQL Injection Vulnerability in UFIDA NC of UFIDA Network Technology Co. Ltd (CNVD-C-2024-947797)

UFIDA NC is a large erp enterprise management system and e-commerce platform. A SQL injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2024/11/29 12:0 a.m.5 views

Command Execution Vulnerability in UFIDA NC at UFIDA Network Technology Co.

UFIDA NC is a large erp enterprise management system and e-commerce platform. A command execution vulnerability exists in UFIDA NC, which can be exploited by an attacker to execute arbitrary commands...

7.8AI score
Exploits0
CNVD
CNVD
added 2024/11/26 12:0 a.m.7 views

Arbitrary File Read Vulnerability in UFIDA NC at UFIDA Network Technology Co.

UFIDA NC is a large erp enterprise management system and e-commerce platform. UFIDA NC suffers from an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information...

6.9AI score
Exploits0
CNVD
CNVD
added 2024/11/25 12:0 a.m.3 views

SQL Injection Vulnerability in NC of UFIDA Network Technology Co.

UFIDA is a leading provider of management software, ERP software, group management software, human resource management software, customer relationship management software, small business management software, financial and administrative institution management software, automotive industry...

7.5AI score
Exploits0
CNVD
CNVD
added 2024/11/23 12:0 a.m.5 views

XML Entity Injection Vulnerability in UFIDA NC at UFIDA Network Technology Co.

UFIDA NC is a comprehensive business management software for large enterprises. An XML entity injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive information...

7AI score
Exploits0
CNVD
CNVD
added 2024/11/12 12:0 a.m.7 views

SQL Injection Vulnerability in UFIDA NC of UFIDA Network Technology Co.

UFIDA NC is a large erp enterprise management system and e-commerce platform. A SQL injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2024/11/12 12:0 a.m.4 views

SQL Injection Vulnerability in UFIDA NC of UFIDA Network Technology Co.

UFIDA NC is a large erp enterprise management system and e-commerce platform. A SQL injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2024/11/11 12:0 a.m.5 views

Information Disclosure Vulnerability in UFIDA NC Cloud of UFIDA Network Technology Co.

UFIDA NC Cloud is a large enterprise digitalization platform that supports flexible deployment modes of public, hybrid and proprietary clouds. An information disclosure vulnerability exists in UFIDA NC Cloud, which can be exploited by attackers to obtain sensitive information...

6.4AI score
Exploits0
CNVD
CNVD
added 2024/07/18 12:0 a.m.2 views

File upload vulnerability exists in UFIDA NC of UFIDA Network Technology Co.(CNVD-2024-35510)

UFIDA NC is a large erp enterprise management system and e-commerce platform. A file upload vulnerability exists in UFIDA NC, which can be exploited by attackers to gain server privileges...

7.3AI score
Exploits0
CNVD
CNVD
added 2024/07/17 12:0 a.m.5 views

Command Execution Vulnerability in UFIDA NC Cloud at UFIDA Network Technology Co.

UFIDA NC Cloud is a large-scale enterprise digitalization platform launched by UFIDA Network Technology Co. A command execution vulnerability exists in UFIDA NC Cloud, which can be exploited by an attacker to execute arbitrary commands...

7.8AI score
Exploits0
CNVD
CNVD
added 2024/06/19 12:0 a.m.3 views

SQL Injection Vulnerability in UFIDA NC of UFIDA Network Technology Co. Ltd (CNVD-2024-31573)

UFIDA NC is a large erp enterprise management system and e-commerce platform. A SQL injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive database information...

7.8AI score
Exploits0
Rows per page
Query Builder