Fengoffice Feng_office
6 CVEs affecting Fengoffice Feng_office. Latest disclosed: 2025-06-09. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-9623 | Critical | 9.8 | 2019-03-07 | Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code via "<!--#exec cmd=" in a .shtml file to ck_upload_handler.php. |
CVE-2025-5877 | Medium | 6.3 | 2025-06-09 | A vulnerability, which was classified as problematic, has been found in Fengoffice Feng Office 3.2.2.1. Affected by this issue is some unknown functionality of… |
CVE-2024-6039 | Medium | 6.3 | 2024-06-16 | A vulnerability, which was classified as critical, was found in Feng Office 3.11.1.2. Affected is an unknown function of the component Workspaces. The manipula… |
CVE-2014-5343 | | 2014-08-19 | Cross-site scripting (XSS) vulnerability in Feng Office allows remote attackers to inject arbitrary web script or HTML via a client Name field. | |
CVE-2013-5744 | | 2013-10-28 | Cross-site scripting (XSS) vulnerability in Feng Office 2.3.2-rc and earlier allows remote attackers to inject arbitrary web script or HTML via an arbitrary re… | |
CVE-2011-3738 | | 2011-09-23 | Feng Office 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error… |