Browse all 9 CVE security advisories affecting Web-ofisi. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Web-ofisi is a web-based office suite primarily used for document collaboration and management. Historically, it has been vulnerable to multiple remote code execution (RCE) and cross-site scripting (XSS) flaws, often stemming from improper input validation and insecure session management. Privilege escalation vulnerabilities have also been prevalent, allowing unauthorized access to restricted functions. The application's security posture has been inconsistent, with nine CVEs documented to date, including several critical RCE issues that could enable complete system compromise. No major public security incidents have been widely reported, though the consistent discovery of vulnerabilities suggests ongoing security challenges in its architecture and development practices.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-25457 | Web Ofisi Firma v13 SQL Injection via oz Parameter — FirmaCWE-89 | 7.5 | High | 2026-02-22 |
This page lists every published CVE security advisory associated with Web-ofisi. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.