Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 4 days ago10 views

PT-2026-55262

Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description An unauthenticated arbitrary file upload issue exists in the com.sksoft.bill.ImageUpload servlet. Unauthenticated attackers can upload arbitrary files by submitting a POST request to the endpoint without...

9.8CVSS6.4AI score0.0086EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/05/23 9:38 a.m.4 views

CVE-2024-24256

SQL Injection vulnerability in Yonyou space-time enterprise information integration platform v.9.0 and before allows an attacker to obtain sensitive information via the gwbhAIM parameter in the saveMove.jsp in the hrposition directory...

5.9CVSS7.5AI score0.0039EPSS
Exploits0References1
OSV
OSV
added 2024/02/15 8:15 a.m.2 views

CVE-2024-24256

SQL Injection vulnerability in Yonyou space-time enterprise information integration platform v.9.0 and before allows an attacker to obtain sensitive information via the gwbhAIM parameter in the saveMove.jsp in the hrposition directory...

5.9CVSS5.8AI score0.0039EPSS
Exploits0References1
Prion
Prion
added 2024/02/15 8:15 a.m.6 views

Sql injection

SQL Injection vulnerability in Yonyou space-time enterprise information integration platform v.9.0 and before allows an attacker to obtain sensitive information via the gwbhAIM parameter in the saveMove.jsp in the hrposition directory...

7.8AI score0.0039EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/02/15 12:0 a.m.3 views

space-time enterprise information integration platform security vulnerability

The yonyou space-time enterprise information integration platform is an information integration platform from China's UFIDA yonyou company. A security vulnerability exists in Yonyou space-time enterprise information integration platform v.9.0 and earlier versions, which originated from a...

5.9CVSS6.4AI score0.0039EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/15 12:0 a.m.4 views

PT-2024-20327 · Yonyou · Yonyou Space-Time Enterprise Information Integration Platform

Name of the Vulnerable Software and Affected Versions: Yonyou space-time enterprise information integration platform versions 9.0 and earlier Description: The issue allows an attacker to obtain sensitive information via the gwbhAIM parameter in the "saveMove.jsp" file located in the "hr position"...

5.9CVSS7.4AI score0.0039EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/09/05 12:0 a.m.4 views

Yonyou UFIDA-NC Path Traversal Vulnerability

Yonyou UFIDA-NC is a large-scale ERP enterprise management system and e-commerce platform from China's UFIDA Network Technology Yonyou Company. A path traversal vulnerability exists in Yonyou UFIDA-NC 20230807 and earlier versions, which stems from the parameter filePath in the file...

7.5CVSS6.7AI score0.00765EPSS
Exploits1References4
Rows per page
Query Builder