Browse all 4 CVE security advisories affecting ArslanSoft. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ArslanSoft develops enterprise software solutions with a focus on business process automation and workflow management systems. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the four CVEs attributed to their products highlight recurring issues in authentication mechanisms and secure coding practices. Their security posture appears to follow typical industry patterns, with vulnerabilities primarily centered on web application interfaces and API endpoints, requiring continued attention to secure development lifecycles and timely patch management.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-5636 | Malicious File Upload in ArslanSoft's Education Portal — Education PortalCWE-434 | 9.8 | Critical | 2023-12-01 |
| CVE-2023-5637 | Plaintext Storage of a Password in ArslanSoft's Education Portal — Education PortalCWE-434 | 7.5 | High | 2023-12-01 |
| CVE-2023-5635 | User Enumeration in ArslanSoft's Education Portal — Education PortalCWE-1320 | 7.5 | High | 2023-12-01 |
| CVE-2023-5634 | SQLi in ArslanSoft's Education Portal — Education PortalCWE-89 | 9.8 | Critical | 2023-12-01 |
This page lists every published CVE security advisory associated with ArslanSoft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.