Medium severity4.7NVD Advisory· Published Apr 3, 2024· Updated Jun 17, 2026
CVE-2024-3227
CVE-2024-3227
Description
A vulnerability was found in Panwei eoffice OA up to 9.5. It has been declared as critical. This vulnerability affects unknown code of the file /general/system/interface/theme_set/save_image.php of the component Backend. The manipulation of the argument image_type leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259072.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<9.5+ 1 more
- (no CPE)range: <9.5
- (no CPE)range: 9.0
Patches
Vulnerability mechanics
References
4- github.com/garboa/cve_3/blob/main/upload.mdnvdExploitThird Party Advisory
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.