Fengoffice Feng_office

6 CVEs affecting Fengoffice Feng_office. Latest disclosed: 2025-06-09. Critical: 1, High: 0.

Top CVEs affecting Fengoffice Feng_office
CVESeverityScorePublishedSummary
CVE-2019-9623Critical9.82019-03-07Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code via "<!--#exec cmd=" in a .shtml file to ck_upload_handler.php.
CVE-2025-5877Medium6.32025-06-09A vulnerability, which was classified as problematic, has been found in Fengoffice Feng Office 3.2.2.1. Affected by this issue is some unknown functionality of…
CVE-2024-6039Medium6.32024-06-16A vulnerability, which was classified as critical, was found in Feng Office 3.11.1.2. Affected is an unknown function of the component Workspaces. The manipula…
CVE-2014-53432014-08-19Cross-site scripting (XSS) vulnerability in Feng Office allows remote attackers to inject arbitrary web script or HTML via a client Name field.
CVE-2013-57442013-10-28Cross-site scripting (XSS) vulnerability in Feng Office 2.3.2-rc and earlier allows remote attackers to inject arbitrary web script or HTML via an arbitrary re…
CVE-2011-37382011-09-23Feng Office 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error…