| Title | Beijing ShiKong-ZhiYou Technology Co ShiKong-ZhiYou ERP 11.0 file upload vulnerability. |
|---|
| Description | Brief Introduction to Shikong Zhiyou ERP System by Beijing Shikong Zhiyou Technology Co., Ltd.
Beijing Shikong Zhiyou Technology Co., Ltd., established in 2011 and headquartered in Beijing's Zhongguancun High-Tech Zone, specializes in providing cloud-based enterprise resource planning (ERP) solutions for businesses across various industries, with a strong focus on pharmaceutical distribution, retail, and supply chain management . The company is committed to driving digital transformation and business innovation through integrated management platforms, adhering to the philosophy of "customer-centricity" and delivering full-lifecycle value services .
Shikong Zhiyou ERP System Overview
The Shikong Zhiyou ERP system is a comprehensive, industry-specific solution designed to address the complex operational needs of pharmaceutical enterprises, wholesalers, retailers, and supply chain organizations. It serves as the central nervous system for businesses, streamlining core processes, enhancing collaboration, and ensuring compliance with stringent industry regulations such as GSP (Good Supply Practice) standards .
However,Beijing Shikong Zhiyou's uploadStudioFile interface has an arbitrary file upload vulnerability,com.artery.form.services.FormStudioUpdater#uploadStudioFile has an arbitrary file upload vulnerability. |
|---|
| Source | ⚠️ https://github.com/FightingLzn9/vul/blob/main/%E6%97%B6%E7%A9%BA%E6%99%BA%E5%8F%8Berp-2.md |
|---|
| User | nu11 (UID 81380) |
|---|
| Submission | 09/18/2025 15:51 (7 months ago) |
|---|
| Moderation | 09/28/2025 20:42 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 326216 [Bjskzy Zhiyou ERP up to 11.0 com.artery.form.services.FormStudioUpdater uploadStudioFile filepath path traversal] |
|---|
| Points | 20 |
|---|