← Back

Groupware

groupware

Vendor: Handysoft • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-26630
1Handysoft
1Groupware
Nov 21, 2024
May 19, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Improper input validation vulnerability in HANDY Groupware’s ActiveX moudle allows attackers to download or execute arbitrary files. This vulnerability can be exploited by using the file download or execution path as the...Show more
Improper input validation vulnerability in HANDY Groupware’s ActiveX moudle allows attackers to download or execute arbitrary files. This vulnerability can be exploited by using the file download or execution path as the parameter value of the vulnerable function.Show less
CVE-2020-7804
1Handysoft
1Groupware
Nov 21, 2024
Apr 29, 2020
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
ActiveX Control(HShell.dll) in Handy Groupware 1.7.3.1 for Windows 7, 8, and 10 allows an attacker to execute arbitrary command via the ShellExec method.