CNNVD-202508-2888 Information

CNNVD ID

CNNVD-202508-2888

Related CVE

CVE-2025-9391

• CNNVD Published: 2025-08-24

Description (Chinese)

Bjskzy Zhiyou ERP是中国北京时空智友（Bjskzy）公司的一款企业资源计划软件。 Bjskzy Zhiyou ERP 11.0及之前版本存在安全漏洞，该漏洞源于对com.artery.workflow.ServiceImpl组件中参数sql的错误操作导致SQL注入。

Description (English)

Bjskzy Zhiyou ERP is an enterprise resource planning software for Bjskzy, China. Bjskzy Zhiyou ERP 11.0 and previous versions contain a security loophole resulting from an error in the SQL injection of the parameter sql in the com.artery.workworkwork.ServiceImpl component.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

北京时空智友

Published

2025-08-24

Last Modified

2026-02-24

References

https://www.yuque.com/u49060589/ek4il4/thnillii14w421ib?singleDoc# https://vuldb.com/?submit.631536 https://vuldb.com/?id.321224 https://vuldb.com/?ctiid.321224 https://nvd.nist.gov/vuln/detail/CVE-2025-9391