Yonbip Security Vulnerabilities and Issues — Yonbip CVE List

Lucene search

YonyouYonbip

6 matches found

CVE•added 2024/01/20 1:15 a.m.•41 views

CVE-2023-51926

YonBIP v3_23.05 was discovered to contain an arbitrary file read vulnerability via the nc.bs.framework.comn.serv.CommonServletDispatcher component.

7.5CVSS7.5AI score0.00253EPSS

CVE•added 2024/01/20 2:15 a.m.•37 views

CVE-2023-51924

An arbitrary file upload vulnerability in the uap.framework.rc.itf.IResourceManager interface of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file.

9.8CVSS9.5AI score0.00535EPSS

CVE•added 2024/01/20 1:15 a.m.•35 views

CVE-2023-51928

An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file.

9.8CVSS9.5AI score0.00535EPSS

CVE•added 2024/01/20 2:15 a.m.•33 views

CVE-2023-51906

An issue in yonyou YonBIP v3_23.05 allows a remote attacker to execute arbitrary code via a crafted script to the ServiceDispatcherServlet uap.framework.rc.itf.IResourceManager component.

9.8CVSS9.4AI score0.02872EPSS

CVE•added 2024/01/20 2:15 a.m.•29 views

CVE-2023-51925

9.8CVSS9.5AI score0.00275EPSS

CVE•added 2024/01/20 1:15 a.m.•29 views

CVE-2023-51927

YonBIP v3_23.05 was discovered to contain a SQL injection vulnerability via the com.yonyou.hrcloud.attend.web.AttendScriptController.runScript() method.

9.8CVSS9.7AI score0.00133EPSS