CVE-2025-4531 – Seeyon Zhiyuan OA Web Application System Remote Code Injection Vulnerability

May 11, 2025

CVE ID : CVE-2025-4531

Published : May 11, 2025, 6:15 a.m. | 23 minutes ago

Description : A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOTWEB-INFclassescomourswwwehrsalaryservicedataEhrSalaryPayrollServiceImpl.class of the component Beetl Template Handler. The manipulation of the argument payrollId leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4532 – Shanghai Bairui Information Technology SunloginClient DLL Search Path Vulnerability (Uncontrolled Search Path)

Next Article CVE-2025-4530 – Feng Ha Ha Megagao SSM-ERP/Production SSM Path Traversal Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Triple 4K 144Hz displays from something this small blows my mind — CalDigit’s Element 5 Hub tested and reviewed

Ori and the Blind Forest studio head says they could be forced to “shut down” due to the impact of negative Steam reviews for ‘No Rest for the Wicked’

Windows Phone just got its first AI ChatGPT-style app. No, really.

New Xbox games launching this week, from May 12 through May 18 — DOOM: The Dark Ages arrives on Xbox Game Pass

Brisa v0.2.13

Brisa v0.2.13

Build Digital Assets & Earn Through Referrals with Biela — A Genuine Opportunity for Entrepreneurs

Laravel Routing

Triple 4K 144Hz displays from something this small blows my mind — CalDigit’s Element 5 Hub tested and reviewed

Triple 4K 144Hz displays from something this small blows my mind — CalDigit’s Element 5 Hub tested and reviewed

Ori and the Blind Forest studio head says they could be forced to “shut down” due to the impact of negative Steam reviews for ‘No Rest for the Wicked’

Windows Phone just got its first AI ChatGPT-style app. No, really.

CVE-2025-4531 – Seeyon Zhiyuan OA Web Application System Remote Code Injection Vulnerability

SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models

Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach

Billions of Apple Devices at Risk from “AirBorne” AirPlay Vulnerabilities

HCL Commerce Containers Explained

CVE-2025-3966 – Itwang Paicoding File Information Disclosure Vulnerability

I went to an Apple store to check out the thinnest iPads ever. Does 0.08 inches really make a difference?

Indiana Jones was the second best-selling game in the US its debut week, behind another Xbox property

Cognitive Biases in UX Design

Microsoft makes Windows 11’s Narrator app a lot more useful with these new killer functions

Le notizie minori del mondo GNU/Linux e dintorni della settimana nr 6/2025

CVE-2025-4531 – Seeyon Zhiyuan OA Web Application System Remote Code Injection Vulnerability

Related Posts