Tag

E-Office

1 brief RSS

Weaver E-office Unauthenticated Arbitrary File Upload Vulnerability

Weaver E-office versions prior to 10.0_20221201 are vulnerable to unauthenticated arbitrary file upload in the OfficeServer.php endpoint, allowing attackers to upload PHP webshells and achieve remote code execution.

E-office cve-2022-50993 file-upload webshell rce

2r 2t 1c Jan 3, 2024