Yonyou

Ufida-nc

2 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2025-34039

  • EPSS 0.55%
  • Published 24.06.2025 01:07:05
  • Last modified 26.06.2025 18:58:14

A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet (bsh.servlet.BshServlet) without proper access controls. The servlet allows unauthenticated remote attackers to execute arbit...

7.5

CVE-2023-4748

Exploit
  • EPSS 0.09%
  • Published 05.09.2023 06:15:07
  • Last modified 21.11.2024 08:35:53

A vulnerability, which was classified as critical, has been found in Yongyou UFIDA-NC up to 20230807. This issue affects some unknown processing of the file PrintTemplateFileServlet.java. The manipulation of the argument filePath leads to path traver...