Vulnerabilities > Tobesoft > Xplatform > High

DATE CVE VULNERABILITY TITLE RISK
2021-07-20 CVE-2020-7866 Improper Input Validation vulnerability in Tobesoft Xplatform
When using XPLATFORM 9.2.2.270 or earlier versions ActiveX component, arbitrary commands can be executed due to improper input validation
network
low complexity
tobesoft CWE-20
7.5
2021-04-20 CVE-2020-7857 Improper Input Validation vulnerability in Tobesoft Xplatform
A vulnerability of XPlatform could allow an unauthenticated attacker to execute arbitrary command.
network
low complexity
tobesoft CWE-20
7.5
2021-03-24 CVE-2020-7853 Out-of-bounds Read vulnerability in Tobesoft Xplatform
An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read.
network
low complexity
tobesoft CWE-125
7.5
2020-07-10 CVE-2020-7815 Injection vulnerability in Tobesoft Xplatform
XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method.
network
low complexity
tobesoft CWE-74
7.5
2020-05-06 CVE-2020-7806 Download of Code Without Integrity Check vulnerability in Tobesoft Xplatform
Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control.
network
low complexity
tobesoft CWE-494
7.5