Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4
CVE-2024-35591
- EPSS 0.39%
- Published 24.05.2024 14:15:17
- Last modified 30.09.2025 18:34:07
An arbitrary file upload vulnerability in O2OA v8.3.8 allows attackers to execute arbitrary code via uploading a crafted PDF file.
5.9
CVE-2024-3689
- EPSS 0.31%
- Published 12.04.2024 15:15:26
- Last modified 19.09.2025 12:35:12
A vulnerability classified as problematic has been found in Zhejiang Land Zongheng Network Technology O2OA up to 20240403. Affected is an unknown function of the file /x_portal_assemble_surface/jaxrs/portal/list?v=8.2.3-4-43f4fe3. The manipulation le...
9.8
CVE-2023-47418
- EPSS 4.31%
- Published 30.11.2023 06:15:46
- Last modified 21.11.2024 08:30:15
Remote Code Execution (RCE) vulnerability in o2oa version 8.1.2 and before, allows attackers to create a new interface in the service management function to execute JavaScript.
9.8
CVE-2022-22916
- EPSS 90.19%
- Published 17.02.2022 22:15:07
- Last modified 21.11.2024 06:47:37
O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke.