OfficeWeb365 Indexs Interface - Arbitrary File Read

There is any file reading in the officeWeb365 Indexs interface. id: CVE-2024-37728 info: name: OfficeWeb365 Indexs Interface - Arbitrary File Read author: DhiyaneshDK severity: high description: | There is any file reading in the officeWeb365 Indexs interface. impact: | Unauthenticated attackers...

CVE-2024-37728

Arbitrary File Read vulnerability in Xi'an Daxi Information Technology Co., Ltd OfficeWeb365 v.7.18.23.0 and v8.6.1.0 allows a remote attacker to obtain sensitive information via the "Pic/Indexes" interface...

CVE-2024-48694

File Upload vulnerability in Xi'an Daxi Information technology OfficeWeb365 v.8.6.1.0 and v7.18.23.0 allows a remote attacker to execute arbitrary code via the pw/savedraw component...

CVE-2024-48694

File Upload vulnerability in Xi'an Daxi Information technology OfficeWeb365 v.8.6.1.0 and v7.18.23.0 allows a remote attacker to execute arbitrary code via the pw/savedraw component...

CVE-2024-48694

File Upload vulnerability in Xi'an Daxi Information technology OfficeWeb365 v.8.6.1.0 and v7.18.23.0 allows a remote attacker to execute arbitrary code via the pw/savedraw component...

CVE-2024-48694

File Upload vulnerability in Xi'an Daxi Information technology OfficeWeb365 v.8.6.1.0 and v7.18.23.0 allows a remote attacker to execute arbitrary code via the pw/savedraw component...

CVE-2024-48694

CVE-2024-48694 affects OfficeWeb365 (Xi’an Daxi Information Technology) versions 7.18.23.0 through 8.6.1.0. The issue is a file-upload vulnerability in the pw/savedraw component that enables remote code execution. Connected sources confirm the vulnerable component and affected versions; no exploi...

PT-2024-33182 · Unknown · Officeweb365

Name of the Vulnerable Software and Affected Versions: OfficeWeb365 versions 7.18.23.0 through 8.6.1.0 Description: The issue allows a remote attacker to execute arbitrary code via the "pw/savedraw" component. This enables the attacker to upload files that can lead to code execution, potentially...

Daxi OfficeWeb365 安全漏洞

Daxi OfficeWeb365 is an office software from China Daxi Daxi Company. A security vulnerability exists in Daxi OfficeWeb365 version v.8.6.1.0 and v7.18.23.0, which stems from vulnerability to file upload attacks and allows attackers to execute arbitrary code via the pw/savedraw component...

CVE-2024-37728

Arbitrary File Read vulnerability in Xi'an Daxi Information Technology Co., Ltd OfficeWeb365 v.7.18.23.0 and v8.6.1.0 allows a remote attacker to obtain sensitive information via the "Pic/Indexes" interface...

Daxi OfficeWeb365 安全漏洞

Daxi OfficeWeb365 is an office software from China Daxi Daxi Corporation. A security vulnerability exists in Daxi OfficeWeb365 version 7.18.23.0 and 8.6.1.0, which stems from the presence of an Arbitrary File Read vulnerability that allows remote attackers to obtain sensitive information via the...

CVE-2024-37728

OfficeWeb365 (Xi’an Daxi Information Technology Co., Ltd) v7.18.23.0 and v8.6.1.0 suffer an Arbitrary File Read via the Pic/Indexes interface. This allows unauthenticated remote attackers to read arbitrary files from the server. Root cause indicators point to a mis-implemented file-access endpoin...

CVE-2024-37728

Arbitrary File Read vulnerability in Xi'an Daxi Information Technology Co., Ltd OfficeWeb365 v.7.18.23.0 and v8.6.1.0 allows a remote attacker to obtain sensitive information via the "Pic/Indexes" interface...

CVE-2024-37728

Arbitrary File Read vulnerability in Xi'an Daxi Information Technology Co., Ltd OfficeWeb365 v.7.18.23.0 and v8.6.1.0 allows a remote attacker to obtain sensitive information via the "Pic/Indexes" interface...

File Upload Vulnerability in OfficeWeb365 of Xi'an Daxi Information Technology Co.(CNVD-2021-47669)

OfficeWeb365 focuses on Office document online preview and PDF document online preview cloud services, including Microsoft Word document online preview, Excel table online preview, Powerpoint presentation document online preview, WPS word processing, WPS forms, WPS presentations and Adobe PDF...

File Upload Vulnerability in OfficeWeb365 of Xi'an Daxi Information Technology Co.

OfficeWeb365 focuses on Office document online preview and PDF document online preview cloud services, including Microsoft Word document online preview, Excel table online preview, Powerpoint presentation document online preview, WPS word processing, WPS forms, WPS presentations and Adobe PDF...