20 matches found
CVE-2022-27960
CVE-2022-27960 affects OFCMS v1.1.4. The issue stems from insecure permissions configured in the user_id parameter within SysUserController.java, enabling an attacker to access and arbitrarily modify users’ personal information. The Network vulnerability arises from insufficient access control on...
CVE-2022-27961
CVE-2022-27961 : OFCMS v1.1.4 contains a cross-site scripting (XSS) vulnerability in the Comment text box at /ofcms/company-c-47. The issue arises from crafted payloads that allow execution of arbitrary web scripts/HTML. CVSS data in sources indicates a MEDIUM severity (CVSS 3.1: AV:N/AC:L/PR:L/U...
CVE-2024-9411
The CVE-2024-9411 issue affects OFCMS 1.1.2, specifically the add function at /admin/system/dict/add.json?sqlid=system.dict.save. The bug stems from manipulating the dict_value argument, enabling cross-site scripting (XSS). Remote exploitation is possible, and public exploits have been disclosed....
CVE-2025-1557
CVE-2025-1557 concerns OFCMS 1.1.3 where an unknown function allows cross-site request forgery (CSRF). The manipulation enables a remote attacker to exploit the vulnerability, with the exploit publicly disclosed. Multiple connected sources consistently identify CSRF as the impact vector and OFCMS...
CVE-2024-48236
CVE-2024-48236 concerns OFCMS 1.1.2. The issue exists in the admin-side FileUtils.java, specifically the FileOutputStream usage inside the write String method, which enables a remote attacker to execute arbitrary code. The descriptions across sources consistently identify this as a remote-code-ex...
CVE-2024-48235
OFCMS 1.1.2 is affected by a remote code execution vulnerability tied to the save method in TemplateController.java. This CVE (CVE-2024-48235) is documented across NVD and CVE records with consistent description: an attacker can trigger arbitrary code execution in OFCMS via that method. The avail...
CVE-2024-34256
CVE-2024-34256 affects OFCMS V1.1.2 and is caused by SQL Injection via the new table function in OFCMS. Multiple sources (NVD, CVE listings, Red Hat, CNNVD, PT Security) consistently describe a high-severity issue with potential total impact if exploited, but exploitation details and confirmed at...
CVE-2019-9612
CVE-2019-9612 affects OFCMS before 1.1.3. The issue arises in the backend file upload handling: blocking of .jsp/.jspx files fails to consider file.jsp::$DATA within the admin/comn/service/upload URI, enabling remote attackers to execute arbitrary code. This is a remote code execution vulnerabili...
CVE-2022-29653
OFCMS v1.1.4 contains a cross-site scripting (XSS) vulnerability in the /admin/comn/service/update.json component. The root cause is lack of data validation/filtering on user-supplied data and output data, allowing injected JavaScript code to be executed in the context of the affected application...
CVE-2023-24760
CVE-2023-24760 affects Ofcms v1.1.4, allowing a remote attacker to escalate privileges via the respwd method in SysUserController. Affected component is Ofcms (web CMS); root cause described as improper access control in respwd. The NVD entry reports CVSSv3.1 base score 8.8 (Network, Low complexi...
CVE-2019-9609
CVE-2019-9609 affects OFCMS prior to 1.1.3. The issue arises because blocking of .jsp/.jspx files does not account for file.jsp::$DATA when targeting the admin/comn/service/editUploadImage URI, enabling remote attackers to execute arbitrary code. Product: OFCMS; version: before 1.1.3; component: ...
CVE-2019-9611
CVE-2019-9611 affects OFCMS prior to 1.1.3. The issue enables a directory traversal via the admin/cms/template/getTemplates.html?res_path=res parameter, allowing ../ in dir to write arbitrary content (file_content) to an arbitrary file (file_name). Root cause: save function in TemplateController....
CVE-2019-9614
CVE-2019-9614 affects OFCMS prior to 1.1.3. A command injection vulnerability exists in a template file that uses ${ ex('') }, enabling execution of arbitrary commands. Multiple connected sources corroborate this flaw and specify that the vulnerability arises from a Freemarker-based template mec...
CVE-2019-9617
CVE-2019-9617 affects OFCMS prior to 1.1.3. The issue is a remote code execution vector where blocking of *.jsp and *.jspx files does not consider file.jsp::$DATA in the admin/ueditor/uploadFile URI, enabling arbitrary code execution. The connected sources confirm the affected product/version and...
CVE-2019-9608
CVE-2019-9608 affects OFCMS prior to 1.1.3. The vulnerability arises in the backend ueditor/uploadImage path where blocking of .jsp/.jspx files does not account for file.jsp::$DATA, enabling remote attackers to execute arbitrary code. Public references in CNVD, NVD and Red Hat records corroborate...
CVE-2019-9613
CVE-2019-9613 affects OFCMS prior to 1.1.3. The issue arises in the backend ueditor/uploadVideo handling where blocking of .jsp and .jspx files fails to consider file.jsp::$DATA, enabling remote attackers to execute arbitrary code via the admin/ueditor/uploadVideo URI. Documents consistently desc...
CVE-2019-9616
The CVE-2019-9616 issue affects OFCMS prior to version 1.1.3. The vulnerability arises from blocking of .jsp and .jspx files not accounting for file.jsp::$DATA in the admin/ueditor/uploadScrawl URI, enabling a remote attacker to execute arbitrary code. Affected component: OFCMS backend upload han...
CVE-2019-9610
OFCMS prior to 1.1.3 is affected by a directory traversal in getTemplates.html exposed through admin/cms/template/getTemplates.html?res_path=res&up_dir=../, related to TemplateController.java. The vulnerability allows traversal of directories via the up_dir parameter, as described across CVE/comm...
CVE-2019-9615
CVE-2019-9615 affects OFCMS prior to 1.1.3. The backend SQL injection is reachable via admin/system/generate/create?sql= and is attributed to SystemGenerateController.java. The vulnerability allows injection through the SQL parameter, enabling a attacker-controlled query that could impact data in...
CVE-2023-51807
CVE-2023-51807 is an XSS vulnerability in OFCMS v1.14. A remote attacker can obtain sensitive information by sending a crafted payload to the title addition component. CVSSv3.1 base score 5.4 (Network, Low attack complexity, Privileges Required: Low, User Interaction: Required, Scope: Changed; Co...