VYPR

Administrative Management System

by Wellchoose

CVEs (3)

  • CVE-2024-10202HigOct 21, 2024
    risk 0.57cvss 8.8epss 0.01

    Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.

  • CVE-2024-10201HigOct 21, 2024
    risk 0.57cvss 8.8epss 0.01

    Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells.

  • CVE-2024-10200HigOct 21, 2024
    risk 0.49cvss 7.5epss 0.01

    Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.