Vulnerabilities > Tobesoft > Xplatform > 9.2.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-26 | CVE-2021-26629 | Path Traversal vulnerability in Tobesoft Xplatform A path traversal vulnerability in XPLATFORM's runtime archive function could lead to arbitrary file creation. | 6.8 |
| 2022-04-19 | CVE-2021-26626 | Improper Input Validation vulnerability in Tobesoft Xplatform Improper input validation vulnerability in XPLATFORM's execBrowser method can cause execute arbitrary commands. | 5.1 |
| 2021-07-20 | CVE-2020-7866 | Improper Input Validation vulnerability in Tobesoft Xplatform When using XPLATFORM 9.2.2.270 or earlier versions ActiveX component, arbitrary commands can be executed due to improper input validation | 7.5 |
| 2021-04-20 | CVE-2020-7857 | Improper Input Validation vulnerability in Tobesoft Xplatform A vulnerability of XPlatform could allow an unauthenticated attacker to execute arbitrary command. | 7.5 |
| 2021-03-24 | CVE-2020-7853 | Out-of-bounds Read vulnerability in Tobesoft Xplatform An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. | 7.5 |
| 2020-11-17 | CVE-2020-7841 | Improper Input Validation vulnerability in Tobesoft Xplatform Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto:// | 6.8 |
| 2020-07-10 | CVE-2020-7815 | Injection vulnerability in Tobesoft Xplatform XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. | 7.5 |
| 2020-05-11 | CVE-2019-19162 | Use After Free vulnerability in Tobesoft Xplatform A use-after-free vulnerability in the TOBESOFT XPLATFORM versions 9.1 to 9.2.2 may lead to code execution on a system running it. | 6.8 |
| 2020-05-06 | CVE-2020-7806 | Download of Code Without Integrity Check vulnerability in Tobesoft Xplatform Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control. | 7.5 |
| 2020-05-06 | CVE-2019-19166 | Unspecified vulnerability in Tobesoft Xplatform Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability that can load unauthorized DLL files. | 4.4 |