Yonyou — Vulnerabilities & Security Advisories 27

Browse all 27 CVE security advisories affecting Yonyou. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Yonyou:KSOA UFIDA ERP-NC U8 Cloud YonBIP

CVE ID	Title	CVSS	Severity	Published
CVE-2026-1179	Yonyou KSOA HTTP GET Parameter user_popedom.jsp sql injection — KSOACWE-89	7.3	High	2026-01-19
CVE-2026-1178	Yonyou KSOA HTTP GET Parameter select.jsp sql injection — KSOACWE-89	7.3	High	2026-01-19
CVE-2026-1177	Yonyou KSOA HTTP GET Parameter save_folder.jsp sql injection — KSOACWE-89	7.3	High	2026-01-19
CVE-2026-1133	Yonyou KSOA HTTP GET Parameter folder.jsp sql injection — KSOACWE-89	7.3	High	2026-01-19
CVE-2026-1132	Yonyou KSOA HTTP GET Parameter edit_folder.jsp sql injection — KSOACWE-89	7.3	High	2026-01-19
CVE-2026-1131	Yonyou KSOA HTTP GET Parameter save_catalog.jsp sql injection — KSOACWE-89	7.3	High	2026-01-19
CVE-2026-1130	Yonyou KSOA HTTP GET Parameter worksadd_plan.jsp sql injection — KSOACWE-89	7.3	High	2026-01-19
CVE-2026-1129	Yonyou KSOA HTTP GET Parameter worksadd.jsp sql injection — KSOACWE-89	7.3	High	2026-01-19
CVE-2026-1124	Yonyou KSOA HTTP GET Parameter work_report.jsp sql injection — KSOACWE-89	7.3	High	2026-01-18
CVE-2026-1123	Yonyou KSOA HTTP GET Parameter work_mod.jsp sql injection — KSOACWE-89	7.3	High	2026-01-18
CVE-2026-1122	Yonyou KSOA HTTP GET Parameter work_info.jsp sql injection — KSOACWE-89	7.3	High	2026-01-18
CVE-2026-1121	Yonyou KSOA HTTP GET Parameter del_workplan.jsp sql injection — KSOACWE-89	7.3	High	2026-01-18
CVE-2026-1120	Yonyou KSOA HTTP GET Parameter del_work.jsp sql injection — KSOACWE-89	7.3	High	2026-01-18
CVE-2025-15436	Yonyou KSOA work_edit.jsp sql injection — KSOACWE-89	7.3	High	2026-01-02
CVE-2025-15435	Yonyou KSOA work_update.jsp sql injection — KSOACWE-89	7.3	High	2026-01-02
CVE-2025-15434	Yonyou KSOA PrintZPYG.jsp sql injection — KSOACWE-89	7.3	High	2026-01-02
CVE-2025-15425	Yonyou KSOA HTTP GET Parameter del_user.jsp sql injection — KSOACWE-89	7.3	High	2026-01-02
CVE-2025-15424	Yonyou KSOA HTTP GET Parameter agent_worksdel.jsp sql injection — KSOACWE-89	7.3	High	2026-01-02
CVE-2025-15421	Yonyou KSOA HTTP GET Parameter agent_worksadd.jsp sql injection — KSOACWE-89	7.3	High	2026-01-02
CVE-2025-15420	Yonyou KSOA agent_work_report.jsp sql injection — KSOACWE-89	7.3	High	2026-01-02
CVE-2025-14185	Yonyou U8 Cloud AppServletService.class sql injection — U8 CloudCWE-89	6.3	Medium	2025-12-07
CVE-2025-12344	Yonyou U8 Cloud Request Header NCloudGatewayServlet unrestricted upload — U8 CloudCWE-434	6.3	Medium	2025-10-28
CVE-2025-3562	Yonyou YonBIP userfile FileInputStream path traversal — YonBIPCWE-22	4.3	Medium	2025-04-14
CVE-2025-2712	Yonyou UFIDA ERP-NC top.jsp cross site scripting — UFIDA ERP-NCCWE-79	4.3	Medium	2025-03-24
CVE-2025-2711	Yonyou UFIDA ERP-NC systop.jsp cross site scripting — UFIDA ERP-NCCWE-79	4.3	Medium	2025-03-24
CVE-2025-2710	Yonyou UFIDA ERP-NC menu.jsp cross site scripting — UFIDA ERP-NCCWE-79	4.3	Medium	2025-03-24
CVE-2025-2709	Yonyou UFIDA ERP-NC login.jsp cross site scripting — UFIDA ERP-NCCWE-79	4.3	Medium	2025-03-24

This page lists every published CVE security advisory associated with Yonyou. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Yonyou — Vulnerabilities & Security Advisories 27