Administrative Management System
by Wellchoose
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-10202 | Hig | 0.57 | 8.8 | 0.01 | Oct 21, 2024 | Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands. | ||
| CVE-2024-10201 | Hig | 0.57 | 8.8 | 0.01 | Oct 21, 2024 | Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells. | ||
| CVE-2024-10200 | Hig | 0.49 | 7.5 | 0.01 | Oct 21, 2024 | Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server. |
- risk 0.57cvss 8.8epss 0.01
Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.
- risk 0.57cvss 8.8epss 0.01
Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells.
- risk 0.49cvss 7.5epss 0.01
Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.