漏洞描述
Yonyou YonBIP MA是中国用友(Yonyou)公司的一个商业创新平台。 Yonyou YonBIP MA 2.7版本存在路径遍历漏洞,该漏洞源于文件/mobsm/common/userfile中参数path操作不当,可能导致路径遍历攻击。
Yonyou YonBIP MA 路径遍历漏洞
PoC代码
暂无相关漏洞推荐
- yonyou-nc-arbitrary-file-upload: Yonyou NC Arbitrary file upload
- yonyou-nc-monitorservlet-rce: Yonyou NC monitors servlet RCE
- yonyou-nc-ncmessageservlet-rce: Yonyou NC messages servlet RCE
- yonyou-nc-uploadservlet-rce: Yonyou NC upload servlet rce
- yonyou-u8-oa-sqli: Yonyou U8 OA sqli
- POC CVE-2022-26263: Yonyou U8 13.0 - Cross-Site Scripting
- POC CVE-2025-2709: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
- POC CVE-2025-2710: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
- POC CVE-2025-2711: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
- POC CVE-2025-2712: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
- POC CNVD-2024-33023: Yonyou U8-Cloud ReleaseRepMngAction SQL Injection
- POC yonyou-grp-u8-sqli-to-rce: Yonyou Grp U8 sqli to rce
- POC yonyou-grp-u8-sqli: Yonyou Grp U8 sqli