Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Weaver — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting Weaver. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Weaver primarily provides enterprise IT management solutions, with a core use case centered on system monitoring and control across distributed networks. Historically, Weaver products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for 10 recorded CVEs. The security posture has been marked by insufficient input validation and improper access controls in web interfaces. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests ongoing challenges in secure coding practices, particularly in handling user-supplied data and privilege management within their administrative platforms.

Top products by Weaver: e-cology E-Office OA E-Mobile Mobile Management Platform
CVE IDTitleCVSSSeverityPublished
CVE-2025-9590 Weaver E-Mobile Mobile Management Platform cross site scripting — E-Mobile Mobile Management PlatformCWE-79 3.5 Low2025-08-28
CVE-2025-34038 Weaver E-cology SQL Injection — E-cologyCWE-89 9.1AICriticalAI2025-06-24
CVE-2024-7704 Weaver e-cology Source Code ecology_dev.zip information disclosure — e-cologyCWE-200 5.3 Medium2024-08-12
CVE-2023-3793 Weaver e-cology HTTP POST Request filelFileDownloadForOutDoc.class sql injection — e-cologyCWE-89 5.5 Medium2023-07-20
CVE-2023-2806 Weaver e-cology API RequestInfoByXml xml external entity reference — e-cologyCWE-611 5.5 Medium2023-05-19
CVE-2023-2766 Weaver OA jx2_config.ini file access — OACWE-552 5.3 Medium2023-05-17
CVE-2023-2765 Weaver OA downfile.php absolute path traversal — OACWE-36 4.3 Medium2023-05-17
CVE-2023-2648 Weaver E-Office uploadify.php unrestricted upload — E-OfficeCWE-434 6.3 Medium2023-05-11
CVE-2023-2647 Weaver E-Office File Upload utility_all.php command injection — E-OfficeCWE-77 6.3 Medium2023-05-11
CVE-2023-2523 Weaver E-Office unrestricted upload — E-OfficeCWE-434 7.3 High2023-05-04

This page lists every published CVE security advisory associated with Weaver. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.