2 matches found
CVE-2022-39022
CVE-2022-39022 concerns the U-Office Force Download function, which has a path traversal vulnerability. A remote attacker with general user privileges can exploit this to download arbitrary system files. Public references (NVD/TWCERT) cite a CVSS v3.1 base score of 6.5 (MEDIUM) with NETWORK attac...
CVE-2022-39022 e-Excellence Inc. U-Office Force - Path Traversal
U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file...