RULE(RULE ID:337975)

Rule General Information
Release Date: 2024-05-06
Rule Name: Weaver E-cology clusterupgrade File Upload Vulnerability
Severity:
CVE ID:
Rule Protection Details
Description: Weaver e-cology is an Office Automation (OA) software product developed by Weaver Software, a Chinese company. It aims to provide an integrated solution for internal office processes within enterprises, improving office efficiency and information management. A foreground file upload vulnerability exists in versions earlier than the Weaver e-cology 10.58.3 patch. An unauthorized remote attacker can trigger a file upload by sending a specially crafted HTTP request, which can ultimately allow the attacker to obtain privileges on the remote server.
Impact: Attackers can upload viruses, Trojans, web shells, other malicious scripts, or images containing scripts to the server, and can use these files in subsequent attacks.
Affected OS: Windows, Linux, Others
Reference:
Solutions
Please contact the software vendor to obtain and apply the software patch.