Browse all 4 CVE security advisories affecting erjinzhi. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Erjinzhi operates primarily as a Chinese cybersecurity vendor providing vulnerability scanning and penetration testing solutions. Historically, their products have been associated with multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues in their web interfaces and scanning engines. Security researchers have identified several critical vulnerabilities in their software that could allow attackers to compromise systems or bypass security controls. While no major public security incidents have been widely documented, the consistent appearance of multiple CVEs in their products indicates ongoing challenges in secure development practices.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-10274 | erjinzhi 10OA item cross site scripting — 10OACWE-79 | 4.3 | Medium | 2025-09-12 |
| CVE-2025-10273 | erjinzhi 10OA file.aspx path traversal — 10OACWE-22 | 3.5 | Low | 2025-09-11 |
| CVE-2025-10272 | erjinzhi 10OA catalogue cross site scripting — 10OACWE-79 | 4.3 | Medium | 2025-09-11 |
| CVE-2025-10271 | erjinzhi 10OA finder cross site scripting — 10OACWE-79 | 4.3 | Medium | 2025-09-11 |
This page lists every published CVE security advisory associated with erjinzhi. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.