74 matches found
CVE-2020-7806
Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control. It allows attacker to cause remote code execution...
EUVD-2019-8798
Malware in sbrugna...
EUVD-2019-8794
Malware in sbrugna...
EUVD-2020-28789
Malware in sbrugna...
EUVD-2020-28738
Malware in sbrugna...
EUVD-2020-28747
Malware in sbrugna...
EUVD-2019-8799
Malware in sbrugna...
EUVD-2020-28773
Malware in sbrugna...
CVE-2019-19166
Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability that can load unauthorized DLL files. It allows attacker to cause remote code execution...
CVE-2019-19167
Tobesoft Nexacro v2019.9.25.1 and earlier version have an arbitrary code execution vulnerability by using method supported by Nexacro14 ActiveX Control. It allows attacker to cause remote code execution...
CVE-2020-7857
A vulnerability of XPlatform could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient validation of improper classes. This issue affects: Tobesoft XPlatform versions prior to 9.2.2.280...
CVE-2020-7841
Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://...
Tobesoft Xplatform 路径遍历漏洞
Tobesoft Xplatform is a set of Korean Tobesoft application development platform. The platform supports form and composite component inheritance, CSS automation, and multi-document interfaces. A security vulnerability exists in Tobesoft Xplatform prior to version 9.2.2.280, which stems from a lack...
CVE-2021-26625 tobesoft Nexacro arbitrary file download vulnerability
Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. This vulnerability is caused by an automatic update function that does not verify input data except version information. Remote attackers can use this incomplete validation...
Tobesoft Xplatform 输入验证错误漏洞
Tobesoft Xplatform is a set of Korean Tobesoft application development platform. The platform supports form and composite component inheritance, CSS auto-setting, and multi-document interfaces. An input validation error vulnerability exists in the execBrowser method of Tobesoft Xplatform prior to...
Tobesoft Nexacro数据伪造问题漏洞
Tobesoft Nexacro is a unified framework-based OSMU single-source multi-purpose application development solution from Tobesoft Korea. A security vulnerability previously existed in Nexacro version 17 17.1.3.700, which stemmed from the automatic update feature not validating input data other than...
CVE-2021-26613 tobesoft nexacro arbitrary file creation vulnerability
improper input validation vulnerability in nexacro permits copying file to the startup folder using rename method...
Tobesoft Nexacro 输入验证错误漏洞
Tobesoft Nexacro is a unified framework-based OSMU single-source multi-purpose application development solution from Tobesoft Corporation in South Korea. An input validation error vulnerability exists in Tobesoft nexacro, which can be exploited by an attacker to copy files to the startup folder...
Tobesoft Nexacro 输入验证错误漏洞
Tobesoft Nexacro is a unified framework-based OSMU single-source multi-purpose application development solution from Tobesoft, South Korea. Nexacro 17 suffers from a security vulnerability that stems from an arbitrary file creation due to incorrect input validation found in the copy method of the...
CVE-2020-7874 NEXACRO14 Runtime arbitrary file download and execution vulnerability
Download of code without integrity check vulnerability in NEXACRO14 Runtime ActiveX control of tobesoft Co., Ltd allows the attacker to cause an arbitrary file download and execution. This vulnerability is due to incomplete validation of file download URL or file extension...