| Название | Bjskzy Enterprise Resource Planning Software 11.0 XML External Entity Reference |
|---|
| Описание | Brief Introduction to Shikong Zhiyou ERP System by Beijing Shikong Zhiyou Technology Co., Ltd.
Beijing Shikong Zhiyou Technology Co., Ltd., established in 2011 and headquartered in Beijing's Zhongguancun High-Tech Zone, specializes in providing cloud-based enterprise resource planning (ERP) solutions for businesses across various industries, with a strong focus on pharmaceutical distribution, retail, and supply chain management . The company is committed to driving digital transformation and business innovation through integrated management platforms, adhering to the philosophy of "customer-centricity" and delivering full-lifecycle value services .
Shikong Zhiyou ERP System Overview
The Shikong Zhiyou ERP system is a comprehensive, industry-specific solution designed to address the complex operational needs of pharmaceutical enterprises, wholesalers, retailers, and supply chain organizations. It serves as the central nervous system for businesses, streamlining core processes, enhancing collaboration, and ensuring compliance with stringent industry regulations such as GSP (Good Supply Practice) standards .
However,Shikong Zhiyou ERP is vulnerable to XML External Entity (XXE) injection vulnerability,com.artery.richclient.RichClientService#initRCForm has an XXE vulnerability |
|---|
| Источник | ⚠️ https://github.com/dingpotian/cve-vul/blob/main/Shikong-Zhiyou-ERP/Shikong-Zhiyou-ERP-XXE-RichClientService-initRCForm.md |
|---|
| Пользователь | dptcc (UID 94330) |
|---|
| Представление | 09.01.2026 11:08 (5 месяцы назад) |
|---|
| Модерация | 20.01.2026 00:19 (11 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 341908 [Bjskzy Zhiyou ERP до 11.0 com.artery.richclient.RichClientService RichClientService.class initRCForm XML External Entity] |
|---|
| Баллы | 20 |
|---|