Excellence Suite Security Vulnerabilities and Issues — Excellence Suite CVE List

SoftexpertExcellence Suite

3 matches found

CVE•added 2023/05/12 12:0 a.m.•45 views

CVE-2023-30330

SoftExpert Excellence Suite 2.x before 2.1.3 is affected by a Local File Inclusion in /se/v42300/generic/gn_defaultframe/2.0/defaultframe_filter.php. The issue arises from a PHP include via a base64-encoded path (managerPath), enabling reading arbitrary files and potential remote code execution t...

9.8CVSS9.3AI score0.05877EPSS

Web

CVE•added 2023/06/14 12:0 a.m.•39 views

CVE-2023-33515

CVE-2023-33515 affects SoftExpert Excellence Suite version 2.1.9, with a reported Cross-Site Scripting (XSS) vulnerability exploitable via query screens. The issue is described across multiple sources as an XSS in SoftExpert Suite 2.1.9, and the commonly cited attack path involves input that is r...

5.4CVSS5.3AI score0.00409EPSS

CVE•added 2018/07/09 6:0 p.m.•38 views

CVE-2018-12977

CVE-2018-12977: A SQL injection vulnerability in SoftExpert Excellence Suite 2.0 allows remote authenticated users to pull information from the database via the cddocument parameter in the Downloading Electronic Documents section. The NVD metrics indicate CVSSv3.0 base score 8.8 (HIGH) with NETWO...

8.8CVSS8.4AI score0.0146EPSS