Vulnerabilities (CVE)

Filtered by vendor Wellchoose Subscribe
Filtered by product Administrative Management System
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-10200 1 Wellchoose 1 Administrative Management System 2024-10-24 N/A 7.5 HIGH
Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.
CVE-2024-10201 1 Wellchoose 1 Administrative Management System 2024-10-24 N/A 8.8 HIGH
Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells.
CVE-2024-10202 1 Wellchoose 1 Administrative Management System 2024-10-24 N/A 8.8 HIGH
Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.