A use-after-free vulnerability in the TOBESOFT XPLATFORM versions 9.1 to 9.2.2 may lead to code execution on a system running it.
7.8CVSS
7.8AI Score
0.001EPSS
Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability that can load unauthorized DLL files. It allows attacker to cause remote code execution.
7.8CVSS
7.8AI Score
0.005EPSS
Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control. It allows attacker to cause remote code execution.
9.8CVSS
9.8AI Score
0.03EPSS
XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. this can be leveraged for code execution. File download vulnerability in COMPONENT of TOBESOFT XPLATFORM allows ATTACKER/ATTACK to cause ...
9.8CVSS
9.4AI Score
0.006EPSS
Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://
8.8CVSS
8.7AI Score
0.003EPSS