7 matches found
PT-2026-55262
Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description An unauthenticated arbitrary file upload issue exists in the com.sksoft.bill.ImageUpload servlet. Unauthenticated attackers can upload arbitrary files by submitting a POST request to the endpoint without...
CVE-2024-24256
SQL Injection vulnerability in Yonyou space-time enterprise information integration platform v.9.0 and before allows an attacker to obtain sensitive information via the gwbhAIM parameter in the saveMove.jsp in the hrposition directory...
CVE-2024-24256
SQL Injection vulnerability in Yonyou space-time enterprise information integration platform v.9.0 and before allows an attacker to obtain sensitive information via the gwbhAIM parameter in the saveMove.jsp in the hrposition directory...
Sql injection
SQL Injection vulnerability in Yonyou space-time enterprise information integration platform v.9.0 and before allows an attacker to obtain sensitive information via the gwbhAIM parameter in the saveMove.jsp in the hrposition directory...
space-time enterprise information integration platform security vulnerability
The yonyou space-time enterprise information integration platform is an information integration platform from China's UFIDA yonyou company. A security vulnerability exists in Yonyou space-time enterprise information integration platform v.9.0 and earlier versions, which originated from a...
PT-2024-20327 · Yonyou · Yonyou Space-Time Enterprise Information Integration Platform
Name of the Vulnerable Software and Affected Versions: Yonyou space-time enterprise information integration platform versions 9.0 and earlier Description: The issue allows an attacker to obtain sensitive information via the gwbhAIM parameter in the "saveMove.jsp" file located in the "hr position"...
Yonyou UFIDA-NC Path Traversal Vulnerability
Yonyou UFIDA-NC is a large-scale ERP enterprise management system and e-commerce platform from China's UFIDA Network Technology Yonyou Company. A path traversal vulnerability exists in Yonyou UFIDA-NC 20230807 and earlier versions, which stems from the parameter filePath in the file...