17 matches found
e-Excellence U-Office Force 代码问题漏洞
e-Excellence U-Office Force is an electronic office platform developed by e-Excellence, a leading technology company in China. There is a code vulnerability in e-Excellence U-Office Force, which stems from insecure deserialization. This vulnerability could allow unverified remote attackers to...
CVE-2025-2396 e-Excellence U-Office Force - Arbitrary File Upload
The U-Office Force from e-Excellence has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-2395 e-Excellence U-Office Force - Improper Authentication
The U-Office Force from e-Excellence has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to use a particular API and alter cookies to log in as an administrator...
e-Excellence U-Office Force 安全漏洞
e-Excellence U-Office Force is an e-Office platform from China-based First Class Technology e-Excellence. A security vulnerability exists in e-Excellence U-Office Force that stems from improper authentication, which could result in an unauthenticated remote attacker logging in as an administrator...
e-Excellence U-Office Force 代码问题漏洞
e-Excellence U-Office Force is an e-Office platform from China's First Class Technology e-Excellence. A code issue vulnerability exists in e-Excellence U-Office Force, which originates from an arbitrary file upload and could allow a remote attacker to upload and execute a Web Shell backdoor to...
CVE-2023-32756
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service...
CVE-2023-32757
e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker without logging the service can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service...
CVE-2023-32757
e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker without logging the service can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service...
CVE-2023-32757 e-Excellence U-Office Force - Arbitrary File Upload
e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker without logging the service can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service...
CVE-2023-32756 e-Excellence U-Office Force - Path Traversal
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service...
CVE-2023-32756
CVE-2023-32756 affects e-Excellence U-Office Force and is a path traversal vulnerability in its file upload/download functionality. An unauthenticated remote attacker can read arbitrary system files, with no ability to compromise or disrupt system operation as described in the sources. Several da...
CVE-2023-32755 e-Excellence U-Office Force - Error Message Leakage
e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted command...
CVE-2023-32755 e-Excellence U-Office Force - Error Message Leakage
e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted command...
CVE-2023-32755
CVE-2023-32755 affects e-Excellence U-Office Force. The web service may reveal partial sensitive system information via crafted commands in error messages; no concrete patch/version is provided in the sources. Monitor for updates and advisories from multiple vendors.
PT-2023-24003 · Unknown · E-Excellence U-Office Force
Name of the Vulnerable Software and Affected Versions: e-Excellence U-Office Force affected versions not specified Description: An unauthenticated remote attacker can obtain partial sensitive system information from an error message by sending a crafted command to the website service of...
PT-2023-24004 · Unknown · E-Excellence U-Office Force
Name of the Vulnerable Software and Affected Versions: e-Excellence U-Office Force affected versions not specified Description: The issue is related to a path traversal vulnerability within the file uploading and downloading functions. An unauthenticated remote attacker can exploit this to read...
e-Excellence U-Office Force 路径遍历漏洞
e-Excellence U-Office Force is an e-Office platform from China First Class Technology e-Excellence. A path traversal vulnerability exists in e-Excellence U-Office Forc, which can be exploited by an attacker to read arbitrary system files...