Lucene search
K

The vulnerability of the App/Ajax/ajax.php?action=mobileUploadSave component of the software platform for small and medium-sized business collaboration software Weaver E-Office allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

🗓️ 31 May 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 5 Views

Weaver E-Office mobileUploadSave flaw enables unrestricted uploads, risking confidentiality, integrity, and availability.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
GithubExploit
Exploit for Command Injection in Tp-Link Archer_Ax21_Firmware
8 May 202405:41
githubexploit
Circl
CVE-2023-2523
4 May 202322:37
circl
CNNVD
Weaver E-Office 代码问题漏洞
4 May 202300:00
cnnvd
CVE
CVE-2023-2523
4 May 202318:00
cve
Cvelist
CVE-2023-2523 Weaver E-Office unrestricted upload
4 May 202318:00
cvelist
Nuclei
Weaver E-Office 9.5 - Remote Code Execution
5 Jul 202603:01
nuclei
NVD
CVE-2023-2523
4 May 202318:15
nvd
Prion
Out-of-bounds
4 May 202318:15
prion
Positive Technologies
PT-2023-2943 · Unknown · Weaver E-Office
4 May 202300:00
ptsecurity
RedhatCVE
CVE-2023-2523
23 May 202501:52
redhatcve
Rows per page
Vulners

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

31 May 2023 00:00Current
7.2High risk
Vulners AI Score7.2
CVSS 39.8
CVSS 210
EPSS0.32895
5