4 matches found
CVE-2024-35504
CVE-2024-35504 affects FineSoft v8.0, with a cross-site scripting (XSS) vulnerability in the login page that allows an attacker to execute arbitrary scripts via a crafted payload in the URL’s errorname parameter after a failed login. The Red Hat / NVD / CVE enrichment entries confirm the issue as...
CVE-2024-37679
CVE-2024-37679 is a cross-site scripting vulnerability in Hangzhou Meisoft Information Technology Co.’s Finesoft v8.0 and earlier. The issue allows a remote attacker to execute arbitrary code by submitting a crafted script to the login.jsp parameter. The affected software is Finesoft (FineSoft) v...
CVE-2024-37680
CVE-2024-37680 affects Hangzhou Meisoft Information Technology Co.’s FineSoft
CVE-2024-37678
CVE-2024-37678 describes a Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v8.0 and earlier. The flaw allows a remote attacker to execute arbitrary code via a crafted script. The affected product is Finesoft (version 8.0 and before); the underlying...