5 matches found
CVE-2025-5877
A vulnerability, which was classified as problematic, has been found in Fengoffice Feng Office 3.2.2.1. Affected by this issue is some unknown functionality of the file /application/models/ApplicationDataObject.class.php of the component Document Upload Handler. The manipulation leads to xml...
CVE-2025-5877
A vulnerability, which was classified as problematic, has been found in Fengoffice Feng Office 3.2.2.1. Affected by this issue is some unknown functionality of the file /application/models/ApplicationDataObject.class.php of the component Document Upload Handler. The manipulation leads to xml...
CVE-2025-5877
The CVE-2025-5877 is a confirmed issue in Fengoffice Feng Office 3.2.2.1. It affects unknown functionality in /application/models/ApplicationDataObject.class.php within the Document Upload Handler, enabling an XML external entity reference. The vulnerability can be exploited remotely, and the exp...
CVE-2025-5433 Fengoffice Feng Office index.php sql injection
A vulnerability was found in Fengoffice Feng Office 3.5.1.5 and classified as critical. Affected by this issue is some unknown functionality of the file /index.php?c=account&a=settimezone. The manipulation of the argument tzoffset leads to sql injection. The attack may be launched remotely. The...
CVE-2025-5433 Fengoffice Feng Office index.php sql injection
A vulnerability was found in Fengoffice Feng Office 3.5.1.5 and classified as critical. Affected by this issue is some unknown functionality of the file /index.php?c=account&a=settimezone. The manipulation of the argument tzoffset leads to sql injection. The attack may be launched remotely. The...