Zz Security Vulnerabilities and Issues — Zz CVE List

Lucene search

ZframeworksZz

14 matches found

CVE•added 2025/03/02 8:15 p.m.•73 views

CVE-2025-1831

A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is the function GetDBUser of the file src/main/java/com/futvan/z/system/zorg/ZorgAction.java. The manipulation of the argument user_id leads to sql injection. It is possible to launch the attack remotely. The ...

9.8CVSS6.8AI score0.00055EPSS

CVE•added 2025/03/02 8:15 p.m.•59 views

CVE-2025-1830

A vulnerability was found in zj1983 zz up to 2024-8. It has been rated as problematic. This issue affects some unknown processing of the component Customer Information Handler. The manipulation of the argument Customer Name leads to cross site scripting. The attack may be initiated remotely. The ex...

4.8CVSS3.4AI score0.00056EPSS

CVE•added 2025/03/02 5:15 p.m.•58 views

CVE-2025-1820

A vulnerability has been found in zj1983 zz up to 2024-8 and classified as critical. Affected by this vulnerability is the function getOaWid of the file src/main/java/com/futvan/z/system/zworkflow/ZworkflowAction.java. The manipulation of the argument tableId leads to sql injection. The attack can ...

8.8CVSS7.3AI score0.00055EPSS

CVE•added 2025/03/02 10:15 p.m.•56 views

CVE-2025-1834

A vulnerability, which was classified as critical, was found in zj1983 zz up to 2024-8. This affects an unknown part of the file /resolve. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

9.8CVSS7AI score0.00074EPSS

CVE•added 2025/03/03 4:15 a.m.•56 views

CVE-2025-1848

A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is an unknown function of the file /import_data_check. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to...

8.8CVSS6.5AI score0.0007EPSS

CVE•added 2025/03/02 7:15 p.m.•54 views

CVE-2025-1821

A vulnerability was found in zj1983 zz up to 2024-8 and classified as critical. Affected by this issue is the function getUserOrgForUserId of the file src/main/java/com/futvan/z/system/zorg/ZorgAction.java. The manipulation of the argument userID leads to sql injection. The attack may be launched r...

9.8CVSS6.7AI score0.00055EPSS

CVE•added 2025/03/02 9:15 p.m.•53 views

CVE-2025-1832

A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this vulnerability is the function getUserList of the file src/main/java/com/futvan/z/system/zrole/ZroleAction.java. The manipulation of the argument roleid leads to sql injection. The attack can be launched rem...

8.8CVSS7.5AI score0.00055EPSS

CVE•added 2025/03/02 10:15 a.m.•52 views

CVE-2025-1813

A vulnerability classified as problematic was found in zj1983 zz up to 2024-08. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The ve...

6.5CVSS4.6AI score0.00019EPSS

CVE•added 2025/03/02 10:15 p.m.•50 views

CVE-2025-1833

A vulnerability, which was classified as critical, has been found in zj1983 zz up to 2024-8. Affected by this issue is the function sendNotice of the file src/main/java/com/futvan/z/erp/customer_notice/Customer_noticeAction.java of the component HTTP Request Handler. The manipulation of the argumen...

8.8CVSS6.4AI score0.0007EPSS

CVE•added 2025/03/02 4:15 p.m.•48 views

CVE-2025-1818

A vulnerability, which was classified as critical, has been found in zj1983 zz up to 2024-8. This issue affects some unknown processing of the file src/main/java/com/futvan/z/system/zfile/ZfileAction.upload. The manipulation of the argument file leads to unrestricted upload. The attack may be initi...

9.8CVSS6.8AI score0.00069EPSS

CVE•added 2025/03/03 3:15 a.m.•47 views

CVE-2025-1847

A vulnerability was found in zj1983 zz up to 2024-8. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contac...

8.8CVSS6.4AI score0.0007EPSS

CVE•added 2025/03/03 3:15 a.m.•46 views

CVE-2025-1846

A vulnerability was found in zj1983 zz up to 2024-8. It has been declared as problematic. This vulnerability affects the function deleteLocalFile of the file src/main/java/com/futvan/z/system/zfile/ZfileAction.java of the component File Handler. The manipulation of the argument zids leads to denial...

6.5CVSS5.5AI score0.00168EPSS

CVE•added 2025/03/03 4:15 a.m.•42 views

CVE-2025-1849

A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this vulnerability is an unknown functionality of the file /import_data_todb. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been ...

8.8CVSS6.5AI score0.0007EPSS

CVE•added 2025/03/02 9:15 a.m.•40 views

CVE-2025-1812

A vulnerability classified as critical has been found in zj1983 zz up to 2024-08. Affected is the function GetUserOrg of the file com/futvan/z/framework/core/SuperZ.java. The manipulation of the argument userId leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

8.8CVSS6.8AI score0.00018EPSS