CVE-2025-1847

A vulnerability was found in zj1983 zz up to 2024-8. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was...

CVE-2025-1830

A vulnerability was found in zj1983 zz up to 2024-8. It has been rated as problematic. This issue affects some unknown processing of the component Customer Information Handler. The manipulation of the argument Customer Name leads to cross site scripting. The attack may be initiated remotely. The...

CVE-2025-1834

A vulnerability, which was classified as critical, was found in zj1983 zz up to 2024-8. This affects an unknown part of the file /resolve. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the publ...

CVE-2025-1848

A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is an unknown function of the file /importdatacheck. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to...

CVE-2025-1820

A vulnerability has been found in zj1983 zz up to 2024-8 and classified as critical. Affected by this vulnerability is the function getOaWid of the file src/main/java/com/futvan/z/system/zworkflow/ZworkflowAction.java. The manipulation of the argument tableId leads to sql injection. The attack ca...

EUVD-2025-5849

Malicious code in bioql PyPI...

EUVD-2025-5857

Malicious code in bioql PyPI...

EUVD-2025-5868

Malicious code in bioql PyPI...

EUVD-2025-5824

Malicious code in bioql PyPI...

EUVD-2025-5851

Malicious code in bioql PyPI...

CVE-2025-1849

A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this vulnerability is an unknown functionality of the file /importdatatodb. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been...

CVE-2025-1849

A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this vulnerability is an unknown functionality of the file /importdatatodb. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been...

CVE-2025-1849

A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this vulnerability is an unknown functionality of the file /importdatatodb. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been...

CVE-2025-1848

A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is an unknown function of the file /importdatacheck. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to...

CVE-2025-1848 zj1983 zz import_data_check server-side request forgery

A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is an unknown function of the file /importdatacheck. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to...

CVE-2025-1847

A vulnerability was found in zj1983 zz up to 2024-8. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was...

CVE-2025-1846

A vulnerability was found in zj1983 zz up to 2024-8. It has been declared as problematic. This vulnerability affects the function deleteLocalFile of the file src/main/java/com/futvan/z/system/zfile/ZfileAction.java of the component File Handler. The manipulation of the argument zids leads to deni...

CVE-2025-1847

A vulnerability was found in zj1983 zz up to 2024-8. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was...

zz 安全漏洞

zz is an e-commerce platform for zj1983 individual developers. A security vulnerability exists in zz 2024-8 and prior versions that stems from improper authorization...

PT-2025-9268 · Zj1983 Zz · Zj1983 Zz

Name of the Vulnerable Software and Affected Versions: zj1983 zz versions up to 2024-8 Description: A critical vulnerability has been found in the affected software. The issue is related to an unknown function of the file /import data check, where the manipulation of the url argument leads to...