Zz Security Vulnerabilities and Issues — Zz CVE List

Lucene search

ZframeworksZz

7 matches found

CVE•added 2025/03/02 5:15 p.m.•59 views

CVE-2025-1820

A vulnerability has been found in zj1983 zz up to 2024-8 and classified as critical. Affected by this vulnerability is the function getOaWid of the file src/main/java/com/futvan/z/system/zworkflow/ZworkflowAction.java. The manipulation of the argument tableId leads to sql injection. The attack can ...

8.8CVSS7.3AI score0.00044EPSS

CVE•added 2025/03/03 4:15 a.m.•57 views

CVE-2025-1848

A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is an unknown function of the file /import_data_check. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to...

8.8CVSS6.5AI score0.00069EPSS

CVE•added 2025/03/02 9:15 p.m.•54 views

CVE-2025-1832

A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this vulnerability is the function getUserList of the file src/main/java/com/futvan/z/system/zrole/ZroleAction.java. The manipulation of the argument roleid leads to sql injection. The attack can be launched rem...

8.8CVSS7.5AI score0.00044EPSS

CVE•added 2025/03/02 10:15 p.m.•51 views

CVE-2025-1833

A vulnerability, which was classified as critical, has been found in zj1983 zz up to 2024-8. Affected by this issue is the function sendNotice of the file src/main/java/com/futvan/z/erp/customer_notice/Customer_noticeAction.java of the component HTTP Request Handler. The manipulation of the argumen...

8.8CVSS6.4AI score0.00069EPSS

CVE•added 2025/03/03 3:15 a.m.•48 views

CVE-2025-1847

A vulnerability was found in zj1983 zz up to 2024-8. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contac...

8.8CVSS6.4AI score0.00069EPSS

CVE•added 2025/03/03 4:15 a.m.•43 views

CVE-2025-1849

A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this vulnerability is an unknown functionality of the file /import_data_todb. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been ...

8.8CVSS6.5AI score0.00069EPSS

CVE•added 2025/03/02 9:15 a.m.•41 views

CVE-2025-1812

A vulnerability classified as critical has been found in zj1983 zz up to 2024-08. Affected is the function GetUserOrg of the file com/futvan/z/framework/core/SuperZ.java. The manipulation of the argument userId leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

8.8CVSS6.8AI score0.00014EPSS