CVE-2024-37678
- EPSS 0.85%
- Veröffentlicht 24.06.2024 20:15:10
- Zuletzt bearbeitet 23.09.2025 01:42:25
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script.
CVE-2024-37679
- EPSS 0.37%
- Veröffentlicht 24.06.2024 19:15:15
- Zuletzt bearbeitet 21.11.2024 09:24:14
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp parameter.
CVE-2024-37680
- EPSS 0.09%
- Veröffentlicht 24.06.2024 19:15:15
- Zuletzt bearbeitet 27.03.2025 15:15:52
Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site Scripting (XSS) which allows remote attackers to execute arbitrary code. Enter any account and password, click Login, the page will report an error, and a cont...
CVE-2024-35504
- EPSS 0.44%
- Veröffentlicht 30.05.2024 15:15:48
- Zuletzt bearbeitet 27.09.2025 00:07:45
A cross-site scripting (XSS) vulnerability in the login page of FineSoft v8.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL:errorname parameter after a failed login attempt.