CVE-2023-32755— e-Excellence U-Office Force - Error Message Leakage
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-32755
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
e-Excellence U-Office Force - Error Message Leakage
Source: NVD (National Vulnerability Database)
Vulnerability Description
e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted command.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
通过错误消息导致的信息暴露
Source: NVD (National Vulnerability Database)
Vulnerability Title
e-Excellence U-Office Force 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
e-Excellence U-Office Force是中国一等一科技(e-Excellence)公司的一个电子办公室平台。 e-Excellence U-Office Force 存在安全漏洞,该漏洞源于在主机启用网页服务并可从外部存取UOF 应用程式的条件下,攻击者可藉由发送特定指令,从网页服务回传的错误讯息中取得部分系统资讯。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| e-Excellence | U-Office Force | 20.0.7668D | - |
II. Public POCs for CVE-2023-32755
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-32755
请登录查看更多情报信息。
Same Patch Batch · e-Excellence · 2023-08-25 · 3 CVEs total
| CVE-2023-32757 | 9.8 CRITICAL | e-Excellence U-Office Force - Arbitrary File Upload |
| CVE-2023-32756 | 7.5 HIGH | e-Excellence U-Office Force - Path Traversal |
IV. Related Vulnerabilities
Same product: U-Office Force
- CVE-2026-3422
e-Excellence|U-Office Force - Insecure Deserialization - CVE-2025-12865
e-Excellence|U-Office Force - SQL Injection - CVE-2025-12864
e-Excellence|U-Office Force - SQL Injection - CVE-2025-2396
e-Excellence U-Office Force - Arbitrary File Upload - CVE-2025-2395
e-Excellence U-Office Force - Improper Authentication
Same vendor: e-Excellence
- CVE-2026-3422
e-Excellence|U-Office Force - Insecure Deserialization - CVE-2025-12865
e-Excellence|U-Office Force - SQL Injection - CVE-2025-12864
e-Excellence|U-Office Force - SQL Injection - CVE-2025-2396
e-Excellence U-Office Force - Arbitrary File Upload - CVE-2025-2395
e-Excellence U-Office Force - Improper Authentication
Same weakness: CWE-209
- CVE-2026-41644
monetr is vulnerable to server-side request forgery in Lunch - CVE-2025-31960
HCL BigFix Service Management (SM) is vulnerable to informat - CVE-2025-59853
HCL DFXAnalytics is affected by an Improper Error Handling v - CVE-2026-40969
Spring gRPC AuthenticationException message reflected to rem - CVE-2026-3259
Sensitive Data Disclosure in BigQuery via Materialized View
V. Comments for CVE-2023-32755
No comments yet