Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-51928 | 1 Yonyou | 1 Yonbip | 2024-01-26 | N/A | 9.8 CRITICAL |
| An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file. | |||||
| CVE-2023-51927 | 1 Yonyou | 1 Yonbip | 2024-01-26 | N/A | 9.8 CRITICAL |
| YonBIP v3_23.05 was discovered to contain a SQL injection vulnerability via the com.yonyou.hrcloud.attend.web.AttendScriptController.runScript() method. | |||||
| CVE-2023-51906 | 1 Yonyou | 1 Yonbip | 2024-01-26 | N/A | 9.8 CRITICAL |
| An issue in yonyou YonBIP v3_23.05 allows a remote attacker to execute arbitrary code via a crafted script to the ServiceDispatcherServlet uap.framework.rc.itf.IResourceManager component. | |||||
| CVE-2023-51924 | 1 Yonyou | 1 Yonbip | 2024-01-26 | N/A | 9.8 CRITICAL |
| An arbitrary file upload vulnerability in the uap.framework.rc.itf.IResourceManager interface of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file. | |||||
| CVE-2023-51926 | 1 Yonyou | 1 Yonbip | 2024-01-26 | N/A | 7.5 HIGH |
| YonBIP v3_23.05 was discovered to contain an arbitrary file read vulnerability via the nc.bs.framework.comn.serv.CommonServletDispatcher component. | |||||
| CVE-2023-51925 | 1 Yonyou | 1 Yonbip | 2024-01-26 | N/A | 9.8 CRITICAL |
| An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file. | |||||