Lucene search
K

7 matches found

Cvelist
Cvelist
added 2022/10/31 6:40 a.m.21 views

CVE-2022-39027 e-Excellence Inc. U-Office Force - Stored XSS

U-Office Force Forum function has insufficient filtering for special characters. A remote attacker with general user privilege can inject JavaScript and perform XSS Stored Cross-Site Scripting attack...

5.4CVSS5.6AI score0.00429EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/31 6:40 a.m.8 views

CVE-2022-39026 e-Excellence Inc. U-Office Force - Stored XSS

U-Office Force UserDefault page has insufficient filtering for special characters in the HTTP header fields. A remote attacker with general user privilege can exploit this vulnerability to inject JavaScript and perform XSS Stored Cross-Site Scripting attack...

5.4CVSS5.4AI score0.00429EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/31 6:40 a.m.10 views

CVE-2022-39025 e-Excellence Inc. U-Office Force - Reflected XSS

U-Office Force PrintMessage function has insufficient filtering for special characters. An unauthenticated remote attacker can exploit this vulnerability to inject JavaScript and perform XSS Reflected Cross-Site Scripting attack...

6.1CVSS6.2AI score0.00494EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/31 6:40 a.m.8 views

CVE-2022-39024 e-Excellence Inc. U-Office Force - Reflected XSS

U-Office Force Bulletin function has insufficient filtering for special characters. An unauthenticated remote attacker can exploit this vulnerability to inject JavaScript and perform XSS Reflected Cross-Site Scripting attack...

6.1CVSS6.2AI score0.00494EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/31 6:40 a.m.10 views

CVE-2022-39023 e-Excellence Inc. U-Office Force - Path Traversal

U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file...

6.5CVSS7.1AI score0.00884EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/31 6:40 a.m.9 views

CVE-2022-39022 e-Excellence Inc. U-Office Force - Path Traversal

U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file...

6.5CVSS7.1AI score0.00884EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/31 6:40 a.m.25 views

CVE-2022-39021 e-Excellence Inc. U-Office Force - Open Redirect

U-Office Force login function has an Open Redirect vulnerability. An unauthenticated remote attacker can exploit this vulnerability to redirect user to arbitrary website...

6.1CVSS6.6AI score0.00483EPSS
Exploits0References1
Rows per page
Query Builder