Browse all 16 CVE security advisories affecting TOBESOFT. AI-powered Chinese analysis, POCs, and references for each vulnerability.
TOBESOFT develops low-code/no-code application platforms enabling rapid custom software development. Historically, their products have faced multiple remote code execution vulnerabilities, often stemming from insecure deserialization and improper input validation, alongside cross-site scripting flaws and privilege escalation risks. The company has accumulated 16 CVEs, with several critical RCE issues allowing attackers to execute arbitrary code with system-level privileges. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities in serialization mechanisms and access controls suggests potential risks for organizations relying on their platforms without implementing additional security layers.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-7866 | Tobesoft XPLATFORM Arbitrary Command Execution Vulnerability — XPLATFORMCWE-20 | 8.8 | High | 2021-07-20 |
| CVE-2020-7857 | Tobesoft Xplatform 输入验证错误漏洞 — XPlatformCWE-470 | 7.5 | High | 2021-04-20 |
| CVE-2020-7853 | TOBESOFT XPLATFORM Out-of-Bounds Read/Write Vulnerabilities — XplatformCWE-787 | 5.5 | Medium | 2021-03-24 |
| CVE-2020-7815 | Tobesoft Xplatform 注入漏洞 — XPLATFORM | 7.8 | High | 2020-07-10 |
| CVE-2019-19162 | Tobesoft Xplatform 资源管理错误漏洞 — XPLATFORMCWE-416 | 7.8 | High | 2020-05-11 |
| CVE-2020-7806 | Tobesoft Xplatform ActiveX File Download Vulnerability — XplatformCWE-494 | 7.8 | High | 2020-05-06 |
| CVE-2019-19166 | Tobesoft XPlatform Arbitrary File Execution Vulnerability — XPlatformCWE-494 | 7.8 | High | 2020-05-06 |
This page lists every published CVE security advisory associated with TOBESOFT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.