← Back

Wddgroup

wddgroup

2 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Fantsy
fantsy
1 CVE
Fantasy
fantasy
1 CVE

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-28699
1Wddgroup
1Fantasy
Nov 21, 2024
Jun 2, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Wade Graphic Design FANTSY has a vulnerability of insufficient filtering for file type in its file update function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload a...Show more
Wade Graphic Design FANTSY has a vulnerability of insufficient filtering for file type in its file update function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload a PHP file containing a webshell to perform arbitrary system operation or disrupt service.Show less
CVE-2023-28698
1Wddgroup
1Fantsy
Nov 21, 2024
Jun 2, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Wade Graphic Design FANTSY has a vulnerability of insufficient authorization check. An unauthenticated remote user can exploit this vulnerability by modifying URL parameters to gain administrator privileges to perform ar...Show more
Wade Graphic Design FANTSY has a vulnerability of insufficient authorization check. An unauthenticated remote user can exploit this vulnerability by modifying URL parameters to gain administrator privileges to perform arbitrary system operation or disrupt service.Show less