Vulnerabilities > Aceware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-02 | CVE-2022-24241 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Aceware Aceweb Online Portal 3.5.065 ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp. | 7.5 |
| 2022-06-02 | CVE-2022-24581 | Unrestricted Upload of File with Dangerous Type vulnerability in Aceware Aceweb Online Portal ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. | 7.5 |