漏洞描述
用友 Yonyou UFIDA ERP-NC是中国Yonyou(用友)公司的一个电子商务平台。 Yonyou UFIDA ERP-NC 5.0版本存在代码注入漏洞,该漏洞源于跨站脚本攻击,可能导致远程攻击。
Yonyou UFIDA ERP-NC 代码注入漏洞
PoC代码
暂无相关漏洞推荐
- yonyou-nc-arbitrary-file-upload: Yonyou NC Arbitrary file upload
- yonyou-nc-monitorservlet-rce: Yonyou NC monitors servlet RCE
- yonyou-nc-ncmessageservlet-rce: Yonyou NC messages servlet RCE
- yonyou-nc-uploadservlet-rce: Yonyou NC upload servlet rce
- yonyou-u8-oa-sqli: Yonyou U8 OA sqli
- yonyou-ufida-oa-uapws-xxe: 用友 UFIDA OA XXE
- POC CVE-2022-26263: Yonyou U8 13.0 - Cross-Site Scripting
- POC CVE-2025-2709: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
- POC CVE-2025-2710: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
- POC CVE-2025-2711: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
- POC CVE-2025-2712: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
- POC CNVD-2024-33023: Yonyou U8-Cloud ReleaseRepMngAction SQL Injection
- POC CVD-2023-3118: 用友 UFIDA ActionHandlerServlet 反序列化漏洞