Administrative Management System

administrative_management_system

Vendor: Wellchoose • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-10202 1Wellchoose 1Administrative Management System Oct 24, 2024 Oct 21, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.
CVE-2024-10201 1Wellchoose 1Administrative Management System Oct 24, 2024 Oct 21, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells.
CVE-2024-10200 1Wellchoose 1Administrative Management System Oct 24, 2024 Oct 21, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.