Skip to main content

Xplatform

3 CVEs product

Monthly

CVE-2020-7841 HIGH This Week

Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xplatform
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2020-7815 CRITICAL Act Now

XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Xplatform
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2020-7806 CRITICAL Act Now

Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Xplatform
NVD
CVSS 3.1
9.8
EPSS
0.7%
EPSS 2% CVSS 8.8
HIGH This Week

Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xplatform
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Xplatform
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Xplatform
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy