Browse all 7 CVE security advisories affecting Generex. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Generex develops web application platforms primarily for enterprise content management and workflow automation. Historically, the company's products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by their seven recorded CVEs. Notable security characteristics include insufficient input validation and inadequate access controls in several components. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities in their software suggests a need for enhanced security development practices across their product line.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-47187 | File upload XSS vulnerability in Generex CS141 — UPS CS141CWE-79 | 5.3 | Medium | 2023-09-28 |
| CVE-2022-47186 | Unrestricted Upload of File vulnerability in Generex CS141 — UPS CS141CWE-434 | 7.5 | High | 2023-09-28 |
| CVE-2022-47188 | Improper Input Validation in Generex CS141 — UPS CS141CWE-20 | 7.5 | High | 2023-03-31 |
| CVE-2022-47189 | DoS via file upload vulnerability at Generex CS141 — UPS CS141CWE-20 | 7.5 | High | 2023-03-31 |
| CVE-2022-47190 | RCE via file upload vulnerability in Generex CS141 — UPS CS141CWE-20 | 10.0 | Critical | 2023-03-31 |
| CVE-2022-47191 | Privilege Escalation via file upload vulnerability at Generex CS141 — UPS CS141CWE-20 | 4.3 | Medium | 2023-03-31 |
| CVE-2022-47192 | Admin password reset via file upload vulnerability in Generex CS141 — UPS CS141CWE-20 | 8.8 | High | 2023-03-31 |
This page lists every published CVE security advisory associated with Generex. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.