← Back

Oaklouds Webbase 2.0

oaklouds-webbase-2.0

Vendor: Hgiga • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-26261
1Hgiga
4Oaklouds Organization 2.0
Oaklouds Organization 3.0Oaklouds Webbase 2.0+1 more
Jan 23, 2025
Feb 15, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
The functionality for file download in HGiga OAKlouds' certain modules contains an Arbitrary File Read and Delete vulnerability. Attackers can put file path in specific request parameters, allowing them to download the f...Show more
The functionality for file download in HGiga OAKlouds' certain modules contains an Arbitrary File Read and Delete vulnerability. Attackers can put file path in specific request parameters, allowing them to download the file without login. Furthermore, the file will be deleted after being downloaded.Show less
CVE-2024-26260
1Hgiga
4Oaklouds Organization 2.0
Oaklouds Organization 3.0Oaklouds Webbase 2.0+1 more
Jan 23, 2025
Feb 15, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
The functionality for synchronization in HGiga OAKlouds' certain moudules has an OS Command Injection vulnerability, allowing remote attackers to inject system commands within specific request parameters. This enables th...Show more
The functionality for synchronization in HGiga OAKlouds' certain moudules has an OS Command Injection vulnerability, allowing remote attackers to inject system commands within specific request parameters. This enables the execution of arbitrary code on the remote server without permission.Show less