CVE-2025-4531 – Seeyon Zhiyuan OA Web Application System Remote Code Injection Vulnerability

May 11, 2025

CVE ID : CVE-2025-4531

Published : May 11, 2025, 6:15 a.m. | 23 minutes ago

Description : A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOTWEB-INFclassescomourswwwehrsalaryservicedataEhrSalaryPayrollServiceImpl.class of the component Beetl Template Handler. The manipulation of the argument payrollId leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4532 – Shanghai Bairui Information Technology SunloginClient DLL Search Path Vulnerability (Uncontrolled Search Path)

Next Article CVE-2025-4530 – Feng Ha Ha Megagao SSM-ERP/Production SSM Path Traversal Vulnerability

Can Good UX Protect Older Users From Digital Scams?

Warp 2.0 evolves terminal experience into an Agentic Development Environment

Qodo launches CLI agent framework

Overture Maps launches GERS, a system of unique IDs for global geospatial entities

Microsoft Copilot is “pretty important” but customers still prefer ChatGPT — “OpenAI has done a tremendous job”

Will you sync your Windows 10 PC data to the cloud for free access to security updates beyond 2025?

Red Hat Enterprise Linux (RHEL) quietly released an official image for WSL — but most of us won’t be able to use it

Sam Altman says ChatGPT has evolved beyond a mere “Google replacement” — with ads potentially coming to users

What Are the PHP Trends in 2025

What Are the PHP Trends in 2025

Real-Time Observability for Node.js – Without Code Changes

Elevating API Automation: Exploring Karate as an Alternative to Rest-Assured

Microsoft Copilot is “pretty important” but customers still prefer ChatGPT — “OpenAI has done a tremendous job”

Microsoft Copilot is “pretty important” but customers still prefer ChatGPT — “OpenAI has done a tremendous job”

Will you sync your Windows 10 PC data to the cloud for free access to security updates beyond 2025?

Red Hat Enterprise Linux (RHEL) quietly released an official image for WSL — but most of us won’t be able to use it

CVE-2025-4531 – Seeyon Zhiyuan OA Web Application System Remote Code Injection Vulnerability

Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure

CVE-2025-3863 – Elementor WordPress Post Carousel Slider Improper Authorization Vulnerability

Google DeepMind Research Introduces QuestBench: Evaluating LLMs’ Ability to Identify Missing Information in Reasoning Tasks

CVE-2025-5282 – WordPress WP Travel Engine Tour Booking Plugin Unauthenticated Post Deletion Vulnerability

CVE-2025-32363 – mediDOK Deserialization Remote Code Execution Vulnerability

Google DeepMind at ICLR 2024

Vine Linux is a Linux distribution with an integrated Japanese environment

CVE-2025-3906 – Eduzz WooCommerce Unauthorized Data Modification Vulnerability

ChatGPT Alternatives: Exploring Free, Open-Source and Affordable AI Models

Adobe brings four highly-requested Premiere Pro AI features out of beta

CVE-2025-4531 – Seeyon Zhiyuan OA Web Application System Remote Code Injection Vulnerability

Related Posts