All 7 CVE vulnerabilities found in Zhiyuan OA Web Application System, with AI-generated Chinese analysis, references, and POCs.
Vendor: Seeyon
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-4461 | Seeyon Zhiyuan OA Web Application System < 7.0 SP1 Authentication Bypass CWE-306 | 5.3AI | MediumAI | 2025-10-30 |
| CVE-2025-34040 | Seeyon Zhiyuan OA System Path Traversal File Upload CWE-434 | 9.8AI | CriticalAI | 2025-06-24 |
| CVE-2025-5140 | Seeyon Zhiyuan OA Web Application System ThirdMenuController.class this.oursNetService.getData server-side request forgery CWE-918 | 6.3 | Medium | 2025-05-25 |
| CVE-2025-4531 | Seeyon Zhiyuan OA Web Application System Beetl Template EhrSalaryPayrollServiceImpl.class postData code injection CWE-94 | 6.3 | Medium | 2025-05-11 |
| CVE-2025-4529 | Seeyon Zhiyuan OA Web Application System ZIP File M3CoreController.class download path traversal CWE-22 | 4.3 | Medium | 2025-05-11 |
| CVE-2025-4000 | Seeyon Zhiyuan OA Web Application System ssoproxy.jsp cross site scripting CWE-79 | 3.5 | Low | 2025-04-28 |
| CVE-2025-3999 | Seeyon Zhiyuan OA Web Application System URL Parameter date.jsp cross site scripting CWE-79 | 3.5 | Low | 2025-04-28 |
All 7 known CVE vulnerabilities affecting Zhiyuan OA Web Application System with full Chinese analysis, references, and POCs where available.