Hancom Office Word DOC File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office Word. User interaction is required to exploit this vulnerability in that the target must visit a...
7CVSS
7.9AI Score
0.001EPSS
Hancom Office Cell XLS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office Cell. User interaction is required to exploit this vulnerability in that the target...
7.8CVSS
7.9AI Score
0.001EPSS
Hancom Office Show PPT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office Show. User interaction is required to exploit this vulnerability in that the target...
7.8CVSS
7.9AI Score
0.001EPSS
A vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. It has been classified as critical. This affects an unknown part of the file /control/register_case.php. The manipulation of the argument...
4.7CVSS
7.9AI Score
0.0004EPSS
A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /control/addcase_stage.php. The manipulation of the argument cname leads to sql injection. The...
4.7CVSS
7.9AI Score
0.0004EPSS
A vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /control/adds.php. The manipulation of the argument name/gender/dob/email/mobile/address leads to sql...
4.7CVSS
7.9AI Score
0.0004EPSS
A vulnerability, which was classified as critical, was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected is an unknown function of the file /control/activate_case.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack.....
4.7CVSS
7.9AI Score
0.0004EPSS
A vulnerability, which was classified as critical, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. This issue affects some unknown processing of the file /control/deactivate_case.php. The manipulation of the argument id leads to sql injection. The attack may be.....
4.7CVSS
7.9AI Score
0.0004EPSS
7.7AI Score
0.001EPSS
Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through...
6.5CVSS
7.2AI Score
0.0004EPSS
9.8CVSS
8.1AI Score
0.009EPSS
7.8CVSS
8.1AI Score
0.001EPSS
8.8CVSS
8.1AI Score
0.001EPSS
7.8CVSS
8.1AI Score
0.001EPSS
7.8CVSS
8.1AI Score
0.001EPSS
Cross-site scripting vulnerability exists in Group Office prior to v6.6.182, prior to v6.7.64 and prior to v6.8.31, which may allow a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the...
5.4CVSS
7AI Score
0.001EPSS
A vulnerability was found in CXBSoft Post-Office up to 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /apps/reg_go.php of the component HTTP POST Request Handler. The manipulation of the argument username_reg leads to sql injection. The exploit has....
9.8CVSS
7.8AI Score
0.002EPSS
A vulnerability has been found in CXBSoft Post-Office up to 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /apps/login_auth.php of the component HTTP POST Request Handler. The manipulation of the argument username_login leads to sql...
9.8CVSS
7.8AI Score
0.001EPSS
A vulnerability, which was classified as critical, was found in CXBSoft Post-Office 1.0. Affected is an unknown function of the file /admin/pages/update_go.php of the component HTTP POST Request Handler. The manipulation of the argument version leads to sql injection. The exploit has been...
9.8CVSS
7.8AI Score
0.002EPSS
7.6AI Score
0.001EPSS
5.5CVSS
7.2AI Score
0.001EPSS
6.5CVSS
7.2AI Score
0.001EPSS
5.3CVSS
7.4AI Score
0.001EPSS
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build...
7.3CVSS
7.7AI Score
0.001EPSS
An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel file. A specially crafted malformed file can lead to remote code execution. An attacker can provide a malicious file to trigger this...
7.8CVSS
8.1AI Score
0.001EPSS
6.5CVSS
7.3AI Score
0.001EPSS
7.8CVSS
8.1AI Score
0.001EPSS
7.8CVSS
8.1AI Score
0.003EPSS
7.8CVSS
7.3AI Score
0.001EPSS
5.4CVSS
7AI Score
0.001EPSS
8.4CVSS
8.6AI Score
0.001EPSS
7CVSS
8.6AI Score
0.0005EPSS
7CVSS
8.6AI Score
0.0005EPSS
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build...
7.8CVSS
8.7AI Score
0.001EPSS
A use-after-free vulnerability exists in the footerr functionality of Hancom Office 2020 HWord 11.0.0.7520. A specially crafted .doc file can lead to a use-after-free. An attacker can trick a user into opening a malformed file to trigger this...
7.8CVSS
7.8AI Score
0.001EPSS
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build...
5.5CVSS
7.2AI Score
0.001EPSS
5.5CVSS
5.5AI Score
0.001EPSS
4.3CVSS
5AI Score
0.001EPSS
5.5CVSS
5.4AI Score
0.001EPSS
7.3CVSS
7.3AI Score
0.001EPSS
9.8CVSS
9.4AI Score
0.002EPSS
7.5CVSS
7.3AI Score
0.001EPSS
Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build...
7.8CVSS
7.8AI Score
0.0004EPSS
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build...
8.8CVSS
7.8AI Score
0.0004EPSS
Local privilege escalation during recovery due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build...
7.8CVSS
7.8AI Score
0.0004EPSS
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build...
7.8CVSS
7.8AI Score
0.0004EPSS
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Box Office plugin <= 1.1.50...
5.4CVSS
5.2AI Score
0.0004EPSS
e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker without logging the service can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt...
9.8CVSS
9.5AI Score
0.003EPSS
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt...
7.5CVSS
7.6AI Score
0.002EPSS