VYPR

10OA

by erjinzhi

CVEs (4)

  • CVE-2025-10274MedSep 12, 2025
    risk 0.28cvss 4.3epss 0.00

    A security flaw has been discovered in erjinzhi 10OA 1.0. Affected by this issue is some unknown functionality of the file /trial/mvc/item. Performing manipulation of the argument Name results in cross site scripting. The attack may be initiated remotely. The exploit has been…

  • CVE-2025-10272MedSep 11, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was determined in erjinzhi 10OA 1.0. Affected is an unknown function of the file /trial/mvc/catalogue. This manipulation of the argument Name causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly disclosed and may be…

  • CVE-2025-10271MedSep 11, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in erjinzhi 10OA 1.0. This impacts an unknown function of the file /trial/mvc/finder. The manipulation of the argument Name results in cross site scripting. It is possible to launch the attack remotely. The exploit has been made public and could be…

  • CVE-2025-10273LowSep 12, 2025
    risk 0.23cvss 3.5epss 0.01

    A vulnerability was identified in erjinzhi 10OA 1.0. Affected by this vulnerability is an unknown functionality of the file /view/file.aspx. Such manipulation of the argument File leads to path traversal. The exploit is publicly available and might be used. The vendor was…