Name: Tenderdoctransfer
Author: Cht

🔍 What is Tenderdoctransfer?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2024-12641

CRITICAL CVSS 9.6 Dec 16, 2024

TenderDocTransfer from Chunghwa Telecom has a reflected cross-site scripting (XSS) vulnerability combined with missing CSRF protection. Unauthenticated attackers can use phishing to execute arbitrary ...

CVE-2025-13282

HIGH CVSS 8.1 Nov 17, 2025

TenderDocTransfer software from Chunghwa Telecom has two critical vulnerabilities: lack of CSRF protection allows unauthenticated remote attackers to trigger API calls via phishing, and an absolute pa...

CVE-2025-13283

HIGH CVSS 7.1 Nov 17, 2025

TenderDocTransfer software has two critical vulnerabilities: lack of CSRF protection allows unauthenticated remote attackers to trigger API calls via phishing, and an absolute path traversal vulnerabi...