CVE-2025-4531 | Seeyon Zhiyuan OA Web Application System 8.1 SP2 Beetl Template EhrSalaryPayrollServiceImpl.class postData payrollId code injection

Inserito da Angelo Barbosa | Mag 10, 2025 | CVE

A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOTWEB-INFclassescomourswwwehrsalaryservicedataEhrSalaryPayrollServiceImpl.class of the component Beetl Template Handler. The manipulation of the argument payrollId leads to code injection.

This vulnerability is handled as CVE-2025-4531. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-4531 | Seeyon Zhiyuan OA Web Application System 8.1 SP2 Beetl Template EhrSalaryPayrollServiceImpl.class postData payrollId code injection

Post correlati

CVE-2024-5767 | WP-FeedStats sitetweet Plugin up to 0.2 on WordPress cross site scripting

CVE-2025-0803 | Codezips Gym Management System 1.0 submit_plan_new.php planid sql injection

CVE-2024-33056 | Qualcomm Snapdragon Auto up to MDM SMEM Partition buffer over-read

CVE-2024-5134 | SourceCodester Electricity Consumption Monitoring Tool 1.0 delete-bill.php bill sql injection