Seeyon

seeyon

7 CVEs • 4 products

Products (4)

Click to collapse

Toggle

Oa Web Application System

oa_web_application_system

G6 Government Collaborative System

g6_government_collaborative_system

Fe Collaborative Office Platform

fe_collaborative_office_platform

A8+ Collaborative Management

a8+_collaborative_management

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-56451 1Seeyon 1A8+ Collaborative Management Jun 17, 2026 Jan 16, 2026 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross site scripting vulnerability in seeyon Zhiyuan A8+ Collaborative Management Software 7.0 via the topValue parameter to the seeyon/main.do endpoint.
CVE-2025-4531 1Seeyon 1Oa Web Application System Jun 17, 2026 May 11, 2025 5.3 MEDIUM· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOT\WEB-INF\classes\com\ours\www\ehr\salary\servi...Show more A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOT\WEB-INF\classes\com\ours\www\ehr\salary\service\data\EhrSalaryPayrollServiceImpl.class of the component Beetl Template Handler. The manipulation of the argument payrollId leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-4529 1Seeyon 1Oa Web Application System Jun 17, 2026 May 11, 2025 5.3 MEDIUM· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been classified as problematic. Affected is the function Download of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps\seeyon\WEB-I...Show more A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been classified as problematic. Affected is the function Download of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps\seeyon\WEB-INF\lib\seeyon-apps-m3.jar!\com\seeyon\apps\m3\core\controller\M3CoreController.class of the component ZIP File Handler. The manipulation of the argument Name leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-4000 1Seeyon 1Oa Web Application System Jun 17, 2026 Apr 28, 2025 5.1 MEDIUM· v4 5.4 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability, which was classified as problematic, was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. Affected is an unknown function of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps\seeyon\ssoproxy...Show more A vulnerability, which was classified as problematic, was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. Affected is an unknown function of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps\seeyon\ssoproxy\jsp\ssoproxy.jsp. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-3999 1Seeyon 1Oa Web Application System Jun 17, 2026 Apr 28, 2025 5.1 MEDIUM· v4 5.4 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability, which was classified as problematic, has been found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. This issue affects some unknown processing of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps...Show more A vulnerability, which was classified as problematic, has been found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. This issue affects some unknown processing of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps\seeyon\common\js\addDate\date.jsp of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-3402 1Seeyon 1Fe Collaborative Office Platform Jun 17, 2026 Apr 8, 2025 5.3 MEDIUM· v4 7.5 HIGH· v3 6.5 MEDIUM· v2 A vulnerability was found in Seeyon Zhiyuan Interconnect FE Collaborative Office Platform 5.5.2 and classified as critical. This issue affects some unknown processing of the file /sysform/042/check.js%70. The manipulatio...Show more A vulnerability was found in Seeyon Zhiyuan Interconnect FE Collaborative Office Platform 5.5.2 and classified as critical. This issue affects some unknown processing of the file /sysform/042/check.js%70. The manipulation of the argument Name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2020-20545 1Seeyon 1G6 Government Collaborative System Jun 17, 2026 Mar 30, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Cross-Site Scripting (XSS) vulnerability in Zhiyuan G6 Government Collaboration System V6.1SP1, via the 'method' parameter to 'seeyon/hrSalary.do'.