CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

Weaver OA 9.5 - Information Disclosure

A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some unknown processing of the file /building/backmgr/urlpage/mobileurl/configfile/jx2config.ini. The manipulation leads to files or directories accessible. The attack may be initiated remotely. id:...

7.5CVSS5.3AI score0.91048EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-31819

Malicious code in bioql PyPI...

7.2CVSS5.1AI score0.00151EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-38839

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00164EPSS

Exploits0References1

OSV•added 2025/06/26 4:15 p.m.•2 views

CVE-2025-34046

An unauthenticated file upload vulnerability exists in the Fanwei E-Office = v9.4 web management interface. The vulnerability affects the /general/index/UploadFile.php endpoint, which improperly validates uploaded files when invoked with certain parameters uploadType=eofficelogo or...

10CVSS6.6AI score

Exploits0References4

RedhatCVE•added 2025/05/23 10:7 a.m.•4 views

CVE-2024-3227

A vulnerability was found in Panwei eoffice OA up to 9.5. It has been declared as critical. This vulnerability affects unknown code of the file /general/system/interface/themeset/saveimage.php of the component Backend. The manipulation of the argument imagetype leads to path traversal:...

7.2CVSS7.1AI score0.00151EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 3:56 a.m.•4 views

CVE-2023-34798

An arbitrary file upload vulnerability in eoffice before v9.5 allows attackers to execute arbitrary code via uploading a crafted file...

9.8CVSS7.8AI score0.00164EPSS

Exploits0

NVD•added 2024/04/03 3:15 a.m.•12 views

CVE-2024-3227

7.2CVSS5AI score0.00151EPSS

Exploits1References4

OSV•added 2024/04/03 3:15 a.m.•2 views

CVE-2024-3227

7.2CVSS5.4AI score0.00151EPSS

Exploits1References4

Cvelist•added 2024/04/03 2:31 a.m.•14 views

CVE-2024-3227 Panwei eoffice OA Backend save_image.php path traversal

5.8CVSS5.3AI score0.00151EPSS

Exploits1References4

Vulnrichment•added 2024/04/03 2:31 a.m.•13 views

CVE-2024-3227 Panwei eoffice OA Backend save_image.php path traversal

5.8CVSS7.1AI score0.00151EPSS

Exploits1References4

CVE•added 2024/04/03 2:31 a.m.•71 views

CVE-2024-3227

CVE-2024-3227 affects Panwei eoffice OA up to 9.5 (Backend) and involves a path traversal in file /general/system/interface/theme_set/save_image.php. The vulnerability is triggered by manipulating the argument image_type to navigate to a directory like ‘../filedir’. It is remotely exploitable and...

7.2CVSS5AI score0.00151EPSS

Exploits1References4Affected Software1

CNNVD•added 2024/04/03 12:0 a.m.•3 views

eoffice 安全漏洞

eOffice is an electronic office system from eOffice Inc. A security vulnerability exists in eoffice OA 9.5 and earlier versions, which originates from a path traversal vulnerability in the file /general/system/interface/themeset/saveimage.php...

7.2CVSS5AI score0.00151EPSS

Exploits1References5

ATTACKERKB•added 2023/07/25 8:15 p.m.•0 views

CVE-2023-34798

An arbitrary file upload vulnerability in eoffice before v9.5 allows attackers to execute arbitrary code via uploading a crafted file...

9.8CVSS7.8AI score0.00164EPSS

Exploits0References2

OSV•added 2023/07/25 8:15 p.m.•1 views

CVE-2023-34798

An arbitrary file upload vulnerability in eoffice before v9.5 allows attackers to execute arbitrary code via uploading a crafted file...

9.8CVSS6.1AI score

Exploits0References1

Prion•added 2023/07/25 8:15 p.m.•22 views

Design/Logic Flaw

An arbitrary file upload vulnerability in eoffice before v9.5 allows attackers to execute arbitrary code via uploading a crafted file...

7.5CVSS9.5AI score0.00164EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/07/25 12:0 a.m.•14 views

CVE-2023-34798

An arbitrary file upload vulnerability in eoffice before v9.5 allows attackers to execute arbitrary code via uploading a crafted file...

7.8AI score0.00164EPSS

Exploits0References1

CVE•added 2023/07/25 12:0 a.m.•65 views

CVE-2023-34798

CVE-2023-34798 affects eOffice prior to v9.5. The vulnerability is an arbitrary file upload that allows an attacker to execute arbitrary code by uploading a crafted file. Root cause is an improper validation/handling of uploaded files in eOffice before 9.5. Impact is high: potential full system c...

9.8CVSS9.5AI score0.00164EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/07/25 12:0 a.m.•13 views

CVE-2023-34798

An arbitrary file upload vulnerability in eoffice before v9.5 allows attackers to execute arbitrary code via uploading a crafted file...

9.8AI score0.00164EPSS

Exploits0References1

Positive Technologies•added 2023/07/25 12:0 a.m.•3 views

PT-2023-25012 · Woffice · Office

Name of the Vulnerable Software and Affected Versions: eoffice versions prior to 9.5 Description: An arbitrary file upload issue allows attackers to execute arbitrary code via uploading a crafted file. Recommendations: For versions prior to 9.5, update to version 9.5 or later to resolve the issue...

9.8CVSS9.6AI score0.00164EPSS

Exploits0References5

Gitee•added 2020/03/07 8:41 a.m.•5 views

msf_module

msf-module wooyun还在的时候根据别人的审计写的一些msf插件，有几个还是挺好用的 module列表 auxiliary + zoomeye-search.rb exploits + Dswjcms-upload-wooyun-2015-0160899.rb + Lotapp-exec-wooyun-2015-0133750.rb + OEM-exec-wooyun-2010-0192732.rb + ZTE-exec-wooyun-2016-190343.rb + discuz-ssrf-wooyun-2011-0151179.rb +...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by