Skip to content
Threat Feed

Vendor

Weaver

1 brief RSS
critical advisory

Weaver E-office Unauthenticated Arbitrary File Upload Vulnerability

Weaver E-office versions prior to 10.0_20221201 are vulnerable to unauthenticated arbitrary file upload in the OfficeServer.php endpoint, allowing attackers to upload PHP webshells and achieve remote code execution.

E-office cve-2022-50993 file-upload webshell rce
2r 2t 1c