Wellchoose Administrative Management System vulnerabilities
3 known vulnerabilities affecting wellchoose/administrative_management_system.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3
Vulnerabilities
Page 1 of 1
CVE-2024-10202P2HIGHCVSS 8.8v02024-10-21
CVE-2024-10202 [HIGH] CWE-78 CVE-2024-10202: Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing
Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.
nvd
CVE-2024-10200P3HIGHCVSS 7.5v02024-10-21
CVE-2024-10200 [HIGH] CWE-23 CVE-2024-10200: Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauth
Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.
nvd
CVE-2024-10201P3HIGHCVSS 8.8v02024-10-21
CVE-2024-10201 [HIGH] CWE-434 CVE-2024-10201: Administrative Management System from Wellchoose does not properly validate uploaded file types, all
Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells.
nvd