VYPR
Vendor

Zhiyou Group

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2025-11140HigSep 29, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is the function openForm of the component com.artery.richclient.RichClientService. Such manipulation of the argument contentString leads to xml external entity reference. The attack…

  • CVE-2025-11139MedSep 29, 2025
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was determined in Bjskzy Zhiyou ERP up to 11.0. Affected is the function uploadStudioFile of the component com.artery.form.services.FormStudioUpdater. This manipulation of the argument filepath causes path traversal. Remote exploitation of the attack is possible.…

  • CVE-2025-9391MedAug 24, 2025
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this issue is the function getFieldValue of the component com.artery.workflow.ServiceImpl. This manipulation of the argument sql causes sql injection. The attack may be initiated remotely. The exploit…