{ "Name": "Weaver E-office do_excel.php file inclusion vulnerability", "Description": "
e-office is a standard collaborative mobile office platform.
There is a file inclusion vulnerability in e-office, through which an attacker can write malicious files.
", "Product": "Weaver E-office", "Homepage": "www.weaver.com.cn", "DisclosureDate": "2022-03-23", "Author": "1243099890@qq.com", "FofaQuery": "((header=\"general/login/index.php\" || body=\"/general/login/view//images/updateLoad.gif\" || (body=\"szFeatures\" && body=\"eoffice\") || header=\"Server: eOffice\") && body!=\"Server: couchdb\") || banner=\"general/login/index.php\"", "GobyQuery": "((header=\"general/login/index.php\" || body=\"/general/login/view//images/updateLoad.gif\" || (body=\"szFeatures\" && body=\"eoffice\") || header=\"Server: eOffice\") && body!=\"Server: couchdb\") || banner=\"general/login/index.php\"", "Level": "3", "Impact": "There is a file inclusion vulnerability in e-office, through which an attacker can write malicious files.
e-office是上海泛微网络科技股份有限公司一款标准协同移动办公平台。
e-office存在文件包含漏洞,攻击者可以通过该漏洞写入恶意文件。
", "Recommendation": "厂商已发布补丁修复漏洞,请及时更新:https://www.weaver.com.cn/
", "Impact": "e-office存在文件包含漏洞,攻击者可以通过该漏洞写入恶意文件。
e-office is a standard collaborative mobile office platform.
There is a file inclusion vulnerability in e-office, through which an attacker can write malicious files.
", "Recommendation": "The manufacturer has released a patch to fix the vulnerability, please update it in time:https://www.weaver.com.cn/
There is a file inclusion vulnerability in e-office, through which an attacker can write malicious files.