Filtered by vendor Finesoft Project Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-37680 2 Finesoft Project, Hangzhou Meisoft Information Technology 2 Finesoft, Finesoft 2024-11-21 6.3 Medium
Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site Scripting (XSS) which allows remote attackers to execute arbitrary code. Enter any account and password, click Login, the page will report an error, and a controllable parameter will appear at the URL:weburl.
CVE-2024-37679 2 Finesoft Project, Hangzhou Meisoft Information Technology 2 Finesoft, Finesoft 2024-11-21 6.1 Medium
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp parameter.