Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-35504 | 1 Finesoft Project | 1 Finesoft | 2025-09-27 | N/A | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the login page of FineSoft v8.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL:errorname parameter after a failed login attempt. | |||||
| CVE-2024-37678 | 1 Finesoft Project | 1 Finesoft | 2025-09-23 | N/A | 5.3 MEDIUM |
| Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script. | |||||
| CVE-2024-37680 | 1 Finesoft Project | 1 Finesoft | 2025-03-27 | N/A | 6.1 MEDIUM |
| Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site Scripting (XSS) which allows remote attackers to execute arbitrary code. Enter any account and password, click Login, the page will report an error, and a controllable parameter will appear at the URL:weburl. | |||||
| CVE-2024-37679 | 1 Finesoft Project | 1 Finesoft | 2024-11-21 | N/A | 6.1 MEDIUM |
| Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp parameter. | |||||