CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-24241

ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.0%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://aceware.com
http://aceweb.com
https://www.aceware.com/forum/viewtopic.php?f=7&t=481
http://aceware.com
http://aceweb.com
https://www.aceware.com/forum/viewtopic.php?f=7&t=481

Products affected by CVE-2022-24241

Aceware » Aceweb Online Portal » Version: N/A

cpe:2.3:a:aceware:aceweb_online_portal:-
Aceware » Aceweb Online Portal » Version: 3.5.065

cpe:2.3:a:aceware:aceweb_online_portal:3.5.065

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-24241

Products

Pricing

Contact Us