Vulnerabilities > Tobesoft > Xplatform

DATE CVE VULNERABILITY TITLE RISK
2022-04-26 CVE-2021-26629 Path Traversal vulnerability in Tobesoft Xplatform
A path traversal vulnerability in XPLATFORM's runtime archive function could lead to arbitrary file creation.
network
tobesoft CWE-22
6.8
2022-04-19 CVE-2021-26626 Improper Input Validation vulnerability in Tobesoft Xplatform
Improper input validation vulnerability in XPLATFORM's execBrowser method can cause execute arbitrary commands.
network
high complexity
tobesoft CWE-20
5.1
2021-07-20 CVE-2020-7866 Improper Input Validation vulnerability in Tobesoft Xplatform
When using XPLATFORM 9.2.2.270 or earlier versions ActiveX component, arbitrary commands can be executed due to improper input validation
network
low complexity
tobesoft CWE-20
7.5
2021-04-20 CVE-2020-7857 Improper Input Validation vulnerability in Tobesoft Xplatform
A vulnerability of XPlatform could allow an unauthenticated attacker to execute arbitrary command.
network
low complexity
tobesoft CWE-20
7.5
2021-03-24 CVE-2020-7853 Out-of-bounds Read vulnerability in Tobesoft Xplatform
An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read.
network
low complexity
tobesoft CWE-125
7.5
2020-11-17 CVE-2020-7841 Improper Input Validation vulnerability in Tobesoft Xplatform
Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://
network
tobesoft CWE-20
6.8
2020-07-10 CVE-2020-7815 Injection vulnerability in Tobesoft Xplatform
XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method.
network
low complexity
tobesoft CWE-74
7.5
2020-05-11 CVE-2019-19162 Use After Free vulnerability in Tobesoft Xplatform
A use-after-free vulnerability in the TOBESOFT XPLATFORM versions 9.1 to 9.2.2 may lead to code execution on a system running it.
6.8
2020-05-06 CVE-2020-7806 Download of Code Without Integrity Check vulnerability in Tobesoft Xplatform
Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control.
network
low complexity
tobesoft CWE-494
7.5
2020-05-06 CVE-2019-19166 Unspecified vulnerability in Tobesoft Xplatform
Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability that can load unauthorized DLL files.
4.4