OpenCVE

Filtered by vendor Yonyou Subscriptions

Filtered by product Yonbip Subscriptions

Total 6 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-51928	1 Yonyou	1 Yonbip	2024-11-21	9.8 Critical
An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file.
CVE-2023-51927	1 Yonyou	1 Yonbip	2024-11-21	9.8 Critical
YonBIP v3_23.05 was discovered to contain a SQL injection vulnerability via the com.yonyou.hrcloud.attend.web.AttendScriptController.runScript() method.
CVE-2023-51926	1 Yonyou	1 Yonbip	2024-11-21	7.5 High
YonBIP v3_23.05 was discovered to contain an arbitrary file read vulnerability via the nc.bs.framework.comn.serv.CommonServletDispatcher component.
CVE-2023-51925	1 Yonyou	1 Yonbip	2024-11-21	9.8 Critical
An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file.
CVE-2023-51924	1 Yonyou	1 Yonbip	2024-11-21	9.8 Critical
An arbitrary file upload vulnerability in the uap.framework.rc.itf.IResourceManager interface of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file.
CVE-2023-51906	1 Yonyou	1 Yonbip	2024-11-21	9.8 Critical
An issue in yonyou YonBIP v3_23.05 allows a remote attacker to execute arbitrary code via a crafted script to the ServiceDispatcherServlet uap.framework.rc.itf.IResourceManager component.

Page 1 of 1.