CVE-2025-15434 | Yonyou KSOA 9.0 /kp/PrintZPYG.jsp zpjhid sql injection

Inserito da Angelo Barbosa | Gen 1, 2026 | CVE

A vulnerability classified as critical was found in Yonyou KSOA 9.0. Affected is an unknown function of the file /kp/PrintZPYG.jsp. The manipulation of the argument zpjhid results in sql injection.

This vulnerability is known as CVE-2025-15434. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-15434 | Yonyou KSOA 9.0 /kp/PrintZPYG.jsp zpjhid sql injection

Post correlati

CVE-2025-38514 | Linux Kernel up to 6.15.6 AF_RXRPC Service rxrpc_alloc_incoming_call allocation of resources (EUVD-2025-25084)

CVE-2024-3956 | Pods Plugin up to 3.2.1 on WordPress Pod Form Redirect URL cross site scripting

CVE-2025-1553 | pankajindevops scale up to 3633544a00245d3df88b6d13d9b3dd0f411be7f6 /scale/project goal cross site scripting

CVE-2023-6278 | Biteship Plugin up to 2.2.24 on WordPress biteship_error/biteship_message cross site scripting