Every CVE whose affected-product data names Edetw U-office Force, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2023-32757 — CVSS 9.8 (critical): e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote…
CVE-2025-2395 — CVSS 9.8 (critical): The U-Office Force from e-Excellence has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to use a…
CVE-2026-3422 — CVSS 9.8 (critical): U-Office Force developed by e-Excellence has a Insecure Deserialization vulnerability, allowing unauthenticated remote attackers to execute…
CVE-2025-2396 — CVSS 8.8 (high): The U-Office Force from e-Excellence has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to…
CVE-2025-12864 — CVSS 8.8 (high): U-Office Force developed by e-Excellence has a SQL Injection vulnerability, allowing authenticated remote attacker to inject arbitrary SQL…
CVE-2025-12865 — CVSS 8.8 (high): U-Office Force developed by e-Excellence has a SQL Injection vulnerability, allowing authenticated remote attacker to inject arbitrary SQL…
CVE-2023-32756 — CVSS 7.5 (high): e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated…
CVE-2022-39023 — CVSS 6.5 (medium): U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this…
CVE-2022-39022 — CVSS 6.5 (medium): U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this…
CVE-2022-39021 — CVSS 6.1 (medium): U-Office Force login function has an Open Redirect vulnerability. An unauthenticated remote attacker can exploit this vulnerability to…
CVE-2022-39024 — CVSS 6.1 (medium): U-Office Force Bulletin function has insufficient filtering for special characters. An unauthenticated remote attacker can exploit this…
CVE-2022-39025 — CVSS 6.1 (medium): U-Office Force PrintMessage function has insufficient filtering for special characters. An unauthenticated remote attacker can exploit this…
CVE-2022-39027 — CVSS 5.4 (medium): U-Office Force Forum function has insufficient filtering for special characters. A remote attacker with general user privilege can inject…
CVE-2022-39026 — CVSS 5.4 (medium): U-Office Force UserDefault page has insufficient filtering for special characters in the HTTP header fields. A remote attacker with general…
CVE-2023-32755 — CVSS 5.3 (medium): e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive…