Search

Find a vulnerability

Search criteria

    14 vulnerabilities found for e-office by weaver

    CVE-2024-3227 (GCVE-0-2024-3227)

    Vulnerability from nvd – Published: 2024-04-03 02:31 – Updated: 2024-08-01 20:05
    VLAI
    Title
    Panwei eoffice OA Backend save_image.php path traversal
    Summary
    A vulnerability was found in Panwei eoffice OA up to 9.5. It has been declared as critical. This vulnerability affects unknown code of the file /general/system/interface/theme_set/save_image.php of the component Backend. The manipulation of the argument image_type leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259072.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-24 - Path Traversal: '../filedir'
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.259072 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.259072 signaturepermissions-required
    https://vuldb.com/?submit.308750 third-party-advisory
    https://github.com/garboa/cve_3/blob/main/upload.md exploit
    Impacted products
    Vendor Product Version
    Panwei eoffice OA Affected: 9.0
    Affected: 9.1
    Affected: 9.2
    Affected: 9.3
    Affected: 9.4
    Affected: 9.5
    Create a notification for this product.
    Credits
    Guo Jiabao (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-3227",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-03T17:53:32.491219Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-05T17:22:24.994Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T20:05:08.169Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VDB-259072 | Panwei eoffice OA Backend save_image.php path traversal",
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.259072"
              },
              {
                "name": "VDB-259072 | CTI Indicators (IOB, IOC, TTP, IOA)",
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.259072"
              },
              {
                "name": "Submit #308750 | Panwei Network Technology Co., Ltd. eoffice v9.5 files upload",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?submit.308750"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://github.com/garboa/cve_3/blob/main/upload.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Backend"
              ],
              "product": "eoffice OA",
              "vendor": "Panwei",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0"
                },
                {
                  "status": "affected",
                  "version": "9.1"
                },
                {
                  "status": "affected",
                  "version": "9.2"
                },
                {
                  "status": "affected",
                  "version": "9.3"
                },
                {
                  "status": "affected",
                  "version": "9.4"
                },
                {
                  "status": "affected",
                  "version": "9.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Guo Jiabao (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Panwei eoffice OA up to 9.5. It has been declared as critical. This vulnerability affects unknown code of the file /general/system/interface/theme_set/save_image.php of the component Backend. The manipulation of the argument image_type leads to path traversal: \u0027../filedir\u0027. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259072."
            },
            {
              "lang": "de",
              "value": "In Panwei eoffice OA bis 9.5 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei /general/system/interface/theme_set/save_image.php der Komponente Backend. Dank der Manipulation des Arguments image_type mit unbekannten Daten kann eine path traversal: \u0027../filedir\u0027-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5.8,
                "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-24",
                  "description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-03T02:31:04.531Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-259072 | Panwei eoffice OA Backend save_image.php path traversal",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.259072"
            },
            {
              "name": "VDB-259072 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.259072"
            },
            {
              "name": "Submit #308750 | Panwei Network Technology Co., Ltd. eoffice v9.5 files upload",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.308750"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/garboa/cve_3/blob/main/upload.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-04-02T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-04-02T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-04-02T20:19:50.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Panwei eoffice OA Backend save_image.php path traversal"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-3227",
        "datePublished": "2024-04-03T02:31:04.531Z",
        "dateReserved": "2024-04-02T18:14:44.847Z",
        "dateUpdated": "2024-08-01T20:05:08.169Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-34798 (GCVE-0-2023-34798)

    Vulnerability from nvd – Published: 2023-07-25 00:00 – Updated: 2024-10-23 19:58
    VLAI
    Summary
    An arbitrary file upload vulnerability in eoffice before v9.5 allows attackers to execute arbitrary code via uploading a crafted file.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:17:04.390Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Zhu013/e5e6e03613704a2a4107cc6456f1e8e2"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-34798",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T19:58:32.154570Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T19:58:41.945Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An arbitrary file upload vulnerability in eoffice before v9.5 allows attackers to execute arbitrary code via uploading a crafted file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-25T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://gist.github.com/Zhu013/e5e6e03613704a2a4107cc6456f1e8e2"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-34798",
        "datePublished": "2023-07-25T00:00:00.000Z",
        "dateReserved": "2023-06-07T00:00:00.000Z",
        "dateUpdated": "2024-10-23T19:58:41.945Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2766 (GCVE-0-2023-2766)

    Vulnerability from nvd – Published: 2023-05-17 16:31 – Updated: 2024-08-02 06:33
    VLAI
    Title
    Weaver OA jx2_config.ini file access
    Summary
    A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some unknown processing of the file /building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini. The manipulation leads to files or directories accessible. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229271. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    CWE
    • CWE-552 - Files or Directories Accessible
    Assigner
    References
    Impacted products
    Vendor Product Version
    Weaver OA Affected: 9.5
    Create a notification for this product.
    Credits
    1056600829 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:33:05.602Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.229271"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.229271"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://github.com/8079048q/cve/blob/main/weaveroa.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OA",
              "vendor": "Weaver",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "1056600829 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some unknown processing of the file /building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini. The manipulation leads to files or directories accessible. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229271. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Eine problematische Schwachstelle wurde in Weaver OA 9.5 gefunden. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei /building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini. Durch das Beeinflussen mit unbekannten Daten kann eine files or directories accessible-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-552",
                  "description": "CWE-552 Files or Directories Accessible",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-23T06:28:15.429Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/?id.229271"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.229271"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/8079048q/cve/blob/main/weaveroa.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-17T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-05-17T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-05-17T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-06-10T11:00:36.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Weaver OA jx2_config.ini file access"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-2766",
        "datePublished": "2023-05-17T16:31:04.349Z",
        "dateReserved": "2023-05-17T16:05:03.207Z",
        "dateUpdated": "2024-08-02T06:33:05.602Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2765 (GCVE-0-2023-2765)

    Vulnerability from nvd – Published: 2023-05-17 16:31 – Updated: 2024-08-02 06:33
    VLAI
    Title
    Weaver OA downfile.php absolute path traversal
    Summary
    A vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. This vulnerability affects unknown code of the file /E-mobile/App/System/File/downfile.php. The manipulation of the argument url leads to absolute path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229270 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    CWE
    • CWE-36 - Absolute Path Traversal
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.229270 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.229270 signaturepermissions-required
    https://github.com/eckert-lcc/cve/blob/main/Weave… exploit
    Impacted products
    Vendor Product Version
    Weaver OA Affected: 9.0
    Affected: 9.1
    Affected: 9.2
    Affected: 9.3
    Affected: 9.4
    Affected: 9.5
    Create a notification for this product.
    Credits
    eckert-lcc (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:33:05.773Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.229270"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.229270"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://github.com/eckert-lcc/cve/blob/main/Weaver%20oa.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OA",
              "vendor": "Weaver",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0"
                },
                {
                  "status": "affected",
                  "version": "9.1"
                },
                {
                  "status": "affected",
                  "version": "9.2"
                },
                {
                  "status": "affected",
                  "version": "9.3"
                },
                {
                  "status": "affected",
                  "version": "9.4"
                },
                {
                  "status": "affected",
                  "version": "9.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "eckert-lcc (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. This vulnerability affects unknown code of the file /E-mobile/App/System/File/downfile.php. The manipulation of the argument url leads to absolute path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229270 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "In Weaver OA bis 9.5 wurde eine problematische Schwachstelle gefunden. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei /E-mobile/App/System/File/downfile.php. Durch Manipulieren des Arguments url mit unbekannten Daten kann eine absolute path traversal-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-36",
                  "description": "CWE-36 Absolute Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-23T06:27:02.236Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.229270"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.229270"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/eckert-lcc/cve/blob/main/Weaver%20oa.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-17T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-05-17T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-05-17T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-06-10T10:55:05.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Weaver OA downfile.php absolute path traversal"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-2765",
        "datePublished": "2023-05-17T16:31:03.333Z",
        "dateReserved": "2023-05-17T16:05:00.734Z",
        "dateUpdated": "2024-08-02T06:33:05.773Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2648 (GCVE-0-2023-2648)

    Vulnerability from nvd – Published: 2023-05-11 08:00 – Updated: 2025-01-24 21:14
    Title
    Weaver E-Office uploadify.php unrestricted upload
    Summary
    A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the argument Filedata leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228777 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.228777 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.228777 signaturepermissions-required
    https://github.com/sunyixuan1228/cve/blob/main/we… exploit
    Impacted products
    Vendor Product Version
    Weaver E-Office Affected: 9.5
    Create a notification for this product.
    Credits
    sunyixuan1228 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:26:09.905Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.228777"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.228777"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://github.com/sunyixuan1228/cve/blob/main/weaver.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2648",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-24T21:14:01.039328Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-24T21:14:05.440Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "E-Office",
              "vendor": "Weaver",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "sunyixuan1228 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the argument Filedata leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228777 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in Weaver E-Office 9.5 ausgemacht. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei /inc/jquery/uploadify/uploadify.php. Durch Beeinflussen des Arguments Filedata mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-23T05:45:31.196Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.228777"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.228777"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/sunyixuan1228/cve/blob/main/weaver.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-11T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-05-11T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-05-11T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-06-07T14:20:55.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Weaver E-Office uploadify.php unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-2648",
        "datePublished": "2023-05-11T08:00:04.941Z",
        "dateReserved": "2023-05-11T05:32:57.638Z",
        "dateUpdated": "2025-01-24T21:14:05.440Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2647 (GCVE-0-2023-2647)

    Vulnerability from nvd – Published: 2023-05-11 07:31 – Updated: 2024-08-02 06:26
    VLAI
    Title
    Weaver E-Office File Upload utility_all.php command injection
    Summary
    A vulnerability was found in Weaver E-Office 9.5 and classified as critical. Affected by this issue is some unknown functionality of the file /webroot/inc/utility_all.php of the component File Upload Handler. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228776. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.228776 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.228776 signaturepermissions-required
    https://github.com/sunyixuan1228/cve/blob/main/we… exploit
    Impacted products
    Vendor Product Version
    Weaver E-Office Affected: 9.5
    Create a notification for this product.
    Credits
    sunyixuan1228 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:26:09.776Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.228776"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.228776"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://github.com/sunyixuan1228/cve/blob/main/weaver%20exec.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "File Upload Handler"
              ],
              "product": "E-Office",
              "vendor": "Weaver",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "sunyixuan1228 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Weaver E-Office 9.5 and classified as critical. Affected by this issue is some unknown functionality of the file /webroot/inc/utility_all.php of the component File Upload Handler. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228776. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Eine Schwachstelle wurde in Weaver E-Office 9.5 gefunden. Sie wurde als kritisch eingestuft. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei /webroot/inc/utility_all.php der Komponente File Upload Handler. Durch das Beeinflussen mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77 Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-23T05:44:18.035Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.228776"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.228776"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/sunyixuan1228/cve/blob/main/weaver%20exec.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-11T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-05-11T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-05-11T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-06-07T14:18:53.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Weaver E-Office File Upload utility_all.php command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-2647",
        "datePublished": "2023-05-11T07:31:05.039Z",
        "dateReserved": "2023-05-11T05:32:00.452Z",
        "dateUpdated": "2024-08-02T06:26:09.776Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2523 (GCVE-0-2023-2523)

    Vulnerability from nvd – Published: 2023-05-04 18:00 – Updated: 2024-08-02 06:26
    VLAI Shadowserver
    Title
    Weaver E-Office unrestricted upload
    Summary
    A vulnerability was found in Weaver E-Office 9.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file App/Ajax/ajax.php?action=mobile_upload_save. The manipulation of the argument upload_quwan leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228014 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.228014 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.228014 signaturepermissions-required
    https://github.com/RCEraser/cve/blob/main/Weaver.md exploit
    Impacted products
    Vendor Product Version
    Weaver E-Office Affected: 9.5
    Create a notification for this product.
    Credits
    RCEraser (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:26:08.981Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.228014"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.228014"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://github.com/RCEraser/cve/blob/main/Weaver.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "E-Office",
              "vendor": "Weaver",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "RCEraser (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Weaver E-Office 9.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file App/Ajax/ajax.php?action=mobile_upload_save. The manipulation of the argument upload_quwan leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228014 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Eine kritische Schwachstelle wurde in Weaver E-Office 9.5 ausgemacht. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei App/Ajax/ajax.php?action=mobile_upload_save. Mittels Manipulieren des Arguments upload_quwan mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-23T05:24:47.040Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.228014"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.228014"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/RCEraser/cve/blob/main/Weaver.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-04T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-05-04T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-05-04T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-05-27T15:52:41.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Weaver E-Office unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-2523",
        "datePublished": "2023-05-04T18:00:05.694Z",
        "dateReserved": "2023-05-04T16:14:37.080Z",
        "dateUpdated": "2024-08-02T06:26:08.981Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-3227 (GCVE-0-2024-3227)

    Vulnerability from cvelistv5 – Published: 2024-04-03 02:31 – Updated: 2024-08-01 20:05
    VLAI
    Title
    Panwei eoffice OA Backend save_image.php path traversal
    Summary
    A vulnerability was found in Panwei eoffice OA up to 9.5. It has been declared as critical. This vulnerability affects unknown code of the file /general/system/interface/theme_set/save_image.php of the component Backend. The manipulation of the argument image_type leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259072.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-24 - Path Traversal: '../filedir'
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.259072 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.259072 signaturepermissions-required
    https://vuldb.com/?submit.308750 third-party-advisory
    https://github.com/garboa/cve_3/blob/main/upload.md exploit
    Impacted products
    Vendor Product Version
    Panwei eoffice OA Affected: 9.0
    Affected: 9.1
    Affected: 9.2
    Affected: 9.3
    Affected: 9.4
    Affected: 9.5
    Create a notification for this product.
    Credits
    Guo Jiabao (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-3227",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-03T17:53:32.491219Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-05T17:22:24.994Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T20:05:08.169Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VDB-259072 | Panwei eoffice OA Backend save_image.php path traversal",
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.259072"
              },
              {
                "name": "VDB-259072 | CTI Indicators (IOB, IOC, TTP, IOA)",
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.259072"
              },
              {
                "name": "Submit #308750 | Panwei Network Technology Co., Ltd. eoffice v9.5 files upload",
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?submit.308750"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://github.com/garboa/cve_3/blob/main/upload.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Backend"
              ],
              "product": "eoffice OA",
              "vendor": "Panwei",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0"
                },
                {
                  "status": "affected",
                  "version": "9.1"
                },
                {
                  "status": "affected",
                  "version": "9.2"
                },
                {
                  "status": "affected",
                  "version": "9.3"
                },
                {
                  "status": "affected",
                  "version": "9.4"
                },
                {
                  "status": "affected",
                  "version": "9.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Guo Jiabao (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Panwei eoffice OA up to 9.5. It has been declared as critical. This vulnerability affects unknown code of the file /general/system/interface/theme_set/save_image.php of the component Backend. The manipulation of the argument image_type leads to path traversal: \u0027../filedir\u0027. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259072."
            },
            {
              "lang": "de",
              "value": "In Panwei eoffice OA bis 9.5 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei /general/system/interface/theme_set/save_image.php der Komponente Backend. Dank der Manipulation des Arguments image_type mit unbekannten Daten kann eine path traversal: \u0027../filedir\u0027-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5.8,
                "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-24",
                  "description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-03T02:31:04.531Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-259072 | Panwei eoffice OA Backend save_image.php path traversal",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.259072"
            },
            {
              "name": "VDB-259072 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.259072"
            },
            {
              "name": "Submit #308750 | Panwei Network Technology Co., Ltd. eoffice v9.5 files upload",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.308750"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/garboa/cve_3/blob/main/upload.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-04-02T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-04-02T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-04-02T20:19:50.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Panwei eoffice OA Backend save_image.php path traversal"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-3227",
        "datePublished": "2024-04-03T02:31:04.531Z",
        "dateReserved": "2024-04-02T18:14:44.847Z",
        "dateUpdated": "2024-08-01T20:05:08.169Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-34798 (GCVE-0-2023-34798)

    Vulnerability from cvelistv5 – Published: 2023-07-25 00:00 – Updated: 2024-10-23 19:58
    VLAI
    Summary
    An arbitrary file upload vulnerability in eoffice before v9.5 allows attackers to execute arbitrary code via uploading a crafted file.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:17:04.390Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gist.github.com/Zhu013/e5e6e03613704a2a4107cc6456f1e8e2"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-34798",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T19:58:32.154570Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T19:58:41.945Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An arbitrary file upload vulnerability in eoffice before v9.5 allows attackers to execute arbitrary code via uploading a crafted file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-25T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://gist.github.com/Zhu013/e5e6e03613704a2a4107cc6456f1e8e2"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-34798",
        "datePublished": "2023-07-25T00:00:00.000Z",
        "dateReserved": "2023-06-07T00:00:00.000Z",
        "dateUpdated": "2024-10-23T19:58:41.945Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2766 (GCVE-0-2023-2766)

    Vulnerability from cvelistv5 – Published: 2023-05-17 16:31 – Updated: 2024-08-02 06:33
    VLAI
    Title
    Weaver OA jx2_config.ini file access
    Summary
    A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some unknown processing of the file /building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini. The manipulation leads to files or directories accessible. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229271. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    CWE
    • CWE-552 - Files or Directories Accessible
    Assigner
    References
    Impacted products
    Vendor Product Version
    Weaver OA Affected: 9.5
    Create a notification for this product.
    Credits
    1056600829 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:33:05.602Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.229271"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.229271"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://github.com/8079048q/cve/blob/main/weaveroa.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OA",
              "vendor": "Weaver",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "1056600829 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some unknown processing of the file /building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini. The manipulation leads to files or directories accessible. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229271. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Eine problematische Schwachstelle wurde in Weaver OA 9.5 gefunden. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei /building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini. Durch das Beeinflussen mit unbekannten Daten kann eine files or directories accessible-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-552",
                  "description": "CWE-552 Files or Directories Accessible",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-23T06:28:15.429Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/?id.229271"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.229271"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/8079048q/cve/blob/main/weaveroa.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-17T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-05-17T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-05-17T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-06-10T11:00:36.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Weaver OA jx2_config.ini file access"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-2766",
        "datePublished": "2023-05-17T16:31:04.349Z",
        "dateReserved": "2023-05-17T16:05:03.207Z",
        "dateUpdated": "2024-08-02T06:33:05.602Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2765 (GCVE-0-2023-2765)

    Vulnerability from cvelistv5 – Published: 2023-05-17 16:31 – Updated: 2024-08-02 06:33
    VLAI
    Title
    Weaver OA downfile.php absolute path traversal
    Summary
    A vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. This vulnerability affects unknown code of the file /E-mobile/App/System/File/downfile.php. The manipulation of the argument url leads to absolute path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229270 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    CWE
    • CWE-36 - Absolute Path Traversal
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.229270 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.229270 signaturepermissions-required
    https://github.com/eckert-lcc/cve/blob/main/Weave… exploit
    Impacted products
    Vendor Product Version
    Weaver OA Affected: 9.0
    Affected: 9.1
    Affected: 9.2
    Affected: 9.3
    Affected: 9.4
    Affected: 9.5
    Create a notification for this product.
    Credits
    eckert-lcc (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:33:05.773Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.229270"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.229270"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://github.com/eckert-lcc/cve/blob/main/Weaver%20oa.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OA",
              "vendor": "Weaver",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0"
                },
                {
                  "status": "affected",
                  "version": "9.1"
                },
                {
                  "status": "affected",
                  "version": "9.2"
                },
                {
                  "status": "affected",
                  "version": "9.3"
                },
                {
                  "status": "affected",
                  "version": "9.4"
                },
                {
                  "status": "affected",
                  "version": "9.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "eckert-lcc (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. This vulnerability affects unknown code of the file /E-mobile/App/System/File/downfile.php. The manipulation of the argument url leads to absolute path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229270 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "In Weaver OA bis 9.5 wurde eine problematische Schwachstelle gefunden. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei /E-mobile/App/System/File/downfile.php. Durch Manipulieren des Arguments url mit unbekannten Daten kann eine absolute path traversal-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-36",
                  "description": "CWE-36 Absolute Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-23T06:27:02.236Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.229270"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.229270"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/eckert-lcc/cve/blob/main/Weaver%20oa.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-17T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-05-17T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-05-17T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-06-10T10:55:05.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Weaver OA downfile.php absolute path traversal"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-2765",
        "datePublished": "2023-05-17T16:31:03.333Z",
        "dateReserved": "2023-05-17T16:05:00.734Z",
        "dateUpdated": "2024-08-02T06:33:05.773Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2648 (GCVE-0-2023-2648)

    Vulnerability from cvelistv5 – Published: 2023-05-11 08:00 – Updated: 2025-01-24 21:14
    Title
    Weaver E-Office uploadify.php unrestricted upload
    Summary
    A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the argument Filedata leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228777 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.228777 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.228777 signaturepermissions-required
    https://github.com/sunyixuan1228/cve/blob/main/we… exploit
    Impacted products
    Vendor Product Version
    Weaver E-Office Affected: 9.5
    Create a notification for this product.
    Credits
    sunyixuan1228 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:26:09.905Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.228777"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.228777"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://github.com/sunyixuan1228/cve/blob/main/weaver.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2648",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-24T21:14:01.039328Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-24T21:14:05.440Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "E-Office",
              "vendor": "Weaver",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "sunyixuan1228 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the argument Filedata leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228777 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in Weaver E-Office 9.5 ausgemacht. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei /inc/jquery/uploadify/uploadify.php. Durch Beeinflussen des Arguments Filedata mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-23T05:45:31.196Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.228777"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.228777"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/sunyixuan1228/cve/blob/main/weaver.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-11T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-05-11T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-05-11T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-06-07T14:20:55.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Weaver E-Office uploadify.php unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-2648",
        "datePublished": "2023-05-11T08:00:04.941Z",
        "dateReserved": "2023-05-11T05:32:57.638Z",
        "dateUpdated": "2025-01-24T21:14:05.440Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2647 (GCVE-0-2023-2647)

    Vulnerability from cvelistv5 – Published: 2023-05-11 07:31 – Updated: 2024-08-02 06:26
    VLAI
    Title
    Weaver E-Office File Upload utility_all.php command injection
    Summary
    A vulnerability was found in Weaver E-Office 9.5 and classified as critical. Affected by this issue is some unknown functionality of the file /webroot/inc/utility_all.php of the component File Upload Handler. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228776. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.228776 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.228776 signaturepermissions-required
    https://github.com/sunyixuan1228/cve/blob/main/we… exploit
    Impacted products
    Vendor Product Version
    Weaver E-Office Affected: 9.5
    Create a notification for this product.
    Credits
    sunyixuan1228 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:26:09.776Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.228776"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.228776"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://github.com/sunyixuan1228/cve/blob/main/weaver%20exec.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "File Upload Handler"
              ],
              "product": "E-Office",
              "vendor": "Weaver",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "sunyixuan1228 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Weaver E-Office 9.5 and classified as critical. Affected by this issue is some unknown functionality of the file /webroot/inc/utility_all.php of the component File Upload Handler. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228776. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Eine Schwachstelle wurde in Weaver E-Office 9.5 gefunden. Sie wurde als kritisch eingestuft. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei /webroot/inc/utility_all.php der Komponente File Upload Handler. Durch das Beeinflussen mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77 Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-23T05:44:18.035Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.228776"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.228776"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/sunyixuan1228/cve/blob/main/weaver%20exec.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-11T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-05-11T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-05-11T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-06-07T14:18:53.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Weaver E-Office File Upload utility_all.php command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-2647",
        "datePublished": "2023-05-11T07:31:05.039Z",
        "dateReserved": "2023-05-11T05:32:00.452Z",
        "dateUpdated": "2024-08-02T06:26:09.776Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2523 (GCVE-0-2023-2523)

    Vulnerability from cvelistv5 – Published: 2023-05-04 18:00 – Updated: 2024-08-02 06:26
    VLAI Shadowserver
    Title
    Weaver E-Office unrestricted upload
    Summary
    A vulnerability was found in Weaver E-Office 9.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file App/Ajax/ajax.php?action=mobile_upload_save. The manipulation of the argument upload_quwan leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228014 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.228014 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.228014 signaturepermissions-required
    https://github.com/RCEraser/cve/blob/main/Weaver.md exploit
    Impacted products
    Vendor Product Version
    Weaver E-Office Affected: 9.5
    Create a notification for this product.
    Credits
    RCEraser (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:26:08.981Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.228014"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.228014"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://github.com/RCEraser/cve/blob/main/Weaver.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "E-Office",
              "vendor": "Weaver",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "RCEraser (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Weaver E-Office 9.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file App/Ajax/ajax.php?action=mobile_upload_save. The manipulation of the argument upload_quwan leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-228014 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Eine kritische Schwachstelle wurde in Weaver E-Office 9.5 ausgemacht. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei App/Ajax/ajax.php?action=mobile_upload_save. Mittels Manipulieren des Arguments upload_quwan mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-23T05:24:47.040Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.228014"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.228014"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/RCEraser/cve/blob/main/Weaver.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-04T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-05-04T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-05-04T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-05-27T15:52:41.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Weaver E-Office unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-2523",
        "datePublished": "2023-05-04T18:00:05.694Z",
        "dateReserved": "2023-05-04T16:14:37.080Z",
        "dateUpdated": "2024-08-02T06:26:08.981Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }