WordPress支付宝Alipay|财付通Tenpay|贝宝PayPal集成插件 Security Vulnerabilities

EmpireCMS has SQL injection vulnerability (CNVD-2021-52391)

EmpireCMS is an open source CMS system. EmpireCMS is vulnerable to SQL injection, which can be exploited by attackers to obtain sensitive database...

SQL Injection Vulnerability in Imperial Website Management System

Empire Website Management System is a secure, stable, powerful and flexible website management system based on B/S structure. The system is independently developed by Empire Software Working Group. There is a SQL injection vulnerability in Empire Web Management System, which can be exploited by...

Binary Vulnerability in DocuCom PDF Reader (CNVD-2021-51287)

DocuCom PDF Reader is a pdf-related product developed by Beijing Dinan Xingyu Technology Co. There is a binary vulnerability in DocuCom PDF Reader, which can be exploited by attackers to cause a denial of...

Binary Vulnerability in DocuCom PDF Reader (CNVD-2021-51289)

DocuCom PDF Reader is a pdf-related product developed by Beijing Dinan Xingyu Technology Co. There is a binary vulnerability in DocuCom PDF Reader, which is exploited by attackers to cause a denial of...

Weak Password Vulnerability in AC Centralized Management Platform of Youxun Electronic Equipment (Shanghai) Co.

Ltd. is a company that mainly deals with network equipment, wireless equipment, switches and other items. Ltd. AC centralized management platform has a weak password vulnerability, which can be exploited by attackers to obtain sensitive...

ZTE smart router has weak password vulnerability

ZTE Corporation is a leading global provider of integrated communications and information solutions, offering innovative technology and product solutions to telecom operators, government and enterprise customers, and consumers worldwide. A weak password vulnerability exists in ZTE smart routers,...

Binary Vulnerability in DocuCom PDF Reader (CNVD-2021-51288)

DocuCom PDF Reader is a pdf-related product developed by Beijing Dinan Xingyu Technology Co. There is a binary vulnerability in DocuCom PDF Reader, which can be exploited by attackers to cause a denial of...

Binary Vulnerability in DocuCom PDF Reader (CNVD-2021-51291)

DocuCom PDF Reader is a pdf-related product developed by Beijing Dinan Xingyu Technology Co. There is a binary vulnerability in DocuCom PDF Reader, which is exploited by attackers to cause a denial of...

Binary Vulnerability in DocuCom PDF Reader (CNVD-2021-51290)

DocuCom PDF Reader is a pdf-related product developed by Beijing Dinan Xingyu Technology Co. There is a binary vulnerability in DocuCom PDF Reader, which is exploited by attackers to cause a denial of...

File Upload Vulnerability in Library Cluster Management System of Guangzhou Tucron Computer Software Development Co.

Guangzhou Tucron Computer Software Development Co., Ltd. is a high-tech enterprise integrating product development, application integration and customer service. The library cluster management system of Guangzhou Tucron Computer Software Development Co., Ltd. has a file upload vulnerability, which....

WeChat webaudio component has a logic flaw vulnerability

WeChat a cross-platform communication tool. A logic flaw vulnerability exists in the WeChat webaudio component, which can be exploited by attackers to cause a denial of...

Code execution vulnerability exists in youdianCMS (CNVD-2021-51410)

YouDianCMS integrates computer website, mobile website, WeChat, APP, and applet in one, shared space, data is automatically synchronized, is the domestic open source five excellent solutions. youdianCMS has a code execution vulnerability, attackers can use the vulnerability to gain control of the.....

SQL injection vulnerability exists in youdiancms (CNVD-2021-51406)

YouDian CMS is a computer station, mobile site, microsoft, APP, small program in one, share space, data synchronization, is the domestic five stations in one excellent enterprise building solutions. youdiancms has SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive....

Guangdong Topdi Elib4.1 Library Cluster Management System Has Command Execution Vulnerability

Ltd. is a high-tech company, hereinafter referred to as "Topdee Technology", has been engaged in the research and development of library management software, and the development and manufacture of library RFID self-service equipment, to provide library RFID system solutions. Guangdong Topduty...

Node-RED-Dashboard 任意文件读取漏洞 （CVE-2021-3223）

...

Ltd. has a directory traversal vulnerability in the Golden Point Intelligent Management Software

Ltd, business scope: artificial intelligence application software development; network and information security software development; software sales; information security equipment sales; network equipment sales; electronic product sales, etc. Yulin City Gold Dot Cloud Software Technology Co.,...

Binary vulnerability exists in Qtouch (CNVD-2021-51837)

QTouch is a professional cross-platform automation software launched by Wuhan Suntouch Intelligent Technology Co. Qtouch has a binary vulnerability that can be exploited by attackers to crash the...

Information leakage vulnerability in human resource management system of Guancheng Zhiyue Software Technology Co.

Ltd. is a high-tech enterprise with independent intellectual property rights and its own brand, integrating R&D, production, sales and service. Ltd. has an information leakage vulnerability in the human resource management system, which can be used by attackers to obtain sensitive...

Jinshan WPS Office Android version has information leakage vulnerability

WPS Office is an office software. Kingsoft WPS Office for Android has an information leakage vulnerability that can be exploited by attackers to obtain sensitive...

YouDianCMS is vulnerable to file upload (CNVD-2021-52065)

YouDianCMS integrates computer website, mobile website, WeChat, APP, and applet in one, sharing space, data is automatically synchronized, and is an excellent solution for domestic open source five-site integration. youdianCMS has a file upload vulnerability, which can be exploited by attackers to....

SQL Injection Vulnerability in Blue Ocean Premier Billing Management System (CNVD-2021-51859)

Blue Ocean Premier Billing Management System is a set of network security operation management system based on the realization of network operation, the enhancement of global security as the center, and the improvement of management efficiency. There is a SQL injection vulnerability in the Blue...

Exploit for Use After Free in Microsoft

CVE-2020-0674...

Exploit for Deserialization of Untrusted Data in Apache Tapestry

命令使用 ```bash git clone...

DocuCom PDF5 for Windows has an out-of-bounds access vulnerability (CNVD-2021-49570)

DocuCom PDF5 is a free to use PDF file viewing and editing tool. DocuCom PDF5 for Windows is vulnerable to an out-of-bounds access vulnerability, which can be exploited by attackers to cause information...

DocuCom PDF5 for Windows has an out-of-bounds access vulnerability

DocuCom PDF5 is a free to use PDF file viewing and editing tool. DocuCom PDF5 for Windows is vulnerable to an out-of-bounds access vulnerability, which can be exploited by attackers to cause information...

DocuCom PDF5 for Windows has a heap overflow vulnerability (CNVD-2021-49565)

DocuCom PDF5 is a free to use tool for viewing and editing documents in PDF format. DocuCom PDF5 for Windows is vulnerable to heap overflow, which can be exploited by attackers to crash the...

DocuCom PDF5 for Windows has an out-of-bounds access vulnerability (CNVD-2021-49568)

DocuCom PDF5 is a free to use PDF file viewing and editing tool. DocuCom PDF5 for Windows is vulnerable to an out-of-bounds access vulnerability, which can be exploited by attackers to cause information...

XSS Vulnerability in the Transport Management Cloud Platform of Zhongtong Cloud Warehouse Technology Co.

Zhongtong Cloud Warehouse Technology is a logistics company under Zhongtong Express Group, providing professional warehousing and distribution integrated supply chain comprehensive services for e-commerce platforms, brand merchants, social e-commerce, live streaming platforms, etc. Ltd. has an XSS....

DocuCom PDF5 for Windows has a heap overflow vulnerability

DocuCom PDF5 is a free to use tool for viewing and editing documents in PDF format. DocuCom PDF5 for Windows suffers from a heap overflow vulnerability, which can be exploited by attackers to crash the...

DocuCom PDF5 for Windows has an out-of-bounds access vulnerability (CNVD-2021-49571)

DocuCom PDF5 is a free to use PDF file viewing and editing tool. DocuCom PDF5 for Windows is vulnerable to an out-of-bounds access vulnerability, which can be exploited by attackers to cause information...

DocuCom PDF5 for Windows has an out-of-bounds access vulnerability (CNVD-2021-49569)

DocuCom PDF5 is a free to use PDF file viewing and editing tool. DocuCom PDF5 for Windows is vulnerable to an out-of-bounds access vulnerability, which can be exploited by attackers to cause information...

NNETGEAR GS748Tv5 has a weak password vulnerability

The NETGEAR GS748Tv5 is a Gigabit Ethernet switch. nNETGEAR GS748Tv5 is vulnerable to a weak password vulnerability that could be exploited by attackers to obtain sensitive...

OTCMS (PHP version) has command execution vulnerability

OTCMS (PHP version) is based on PHP sqlite/mysql technical architecture, UTF-8 encoding, not only for a wide range of news/article publishing websites, but also for enterprise websites.OTCMS (PHP version) has command execution vulnerability, attackers can use the vulnerability to obtain server...

Apache dubbo is vulnerable to deserialization (CNVD-2021-49587)

Apache Dubbo is a lightweight Java-based RPC (remote procedure call) framework from the Apache Foundation. Apache dubbo has a deserialization vulnerability that could be exploited by attackers to achieve command execution, server-side request forgery, and other...

ZTE Corporation W908-A10000 has a weak password vulnerability

W908-A10000 is a wireless controller from ZTE Corporation. ZTE Corporation W908-A10000 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive...

SQL Injection Vulnerability in ThinkSNS of Chengdu Zhiyichuang Technology Co., Ltd (CNVD-2021-49159)

ThinkSNS (TS for short), an open source microblogging and social networking system under Zhishi Software, contains a series of functions such as microblogging, forums, information, channels, shopping mall, events, positioning, finding people, live streaming, Q&A, etc. Chengdu ZhiYi ChuangYi...

ThinkSNS has SQL injection vulnerability in Chengdu Zhiyichuang Technology Co.

ThinkSNS (TS for short) is an open source microblogging and social networking system from Smart Software, which includes a series of functions such as microblogging, forums, information, channels, shopping mall, events, locating, finding people, live streaming, Q&A, etc. ThinkSNS is vulnerable to.....

Exploit for OS Command Injection in Zeroshell

CVE-2019-12725 ZeroShell存在命令执行漏洞，导致攻击者可执行任意命令 工具利用...

Binary vulnerability exists in WPS Office of Zhuhai Kingsoft Office Software Co., Ltd (CNVD-2021-49105)

WPS Office is the office software produced by Kingsoft Office Software, which can achieve a variety of functions commonly used in office software such as text, tables, presentations, etc.. Ltd. WPS Office has a binary vulnerability, attackers can use the vulnerability to cause a...

Binary vulnerability exists in WPS Office of Zhuhai Kingsoft Office Software Co., Ltd (CNVD-2021-49106)

WPS Office is the office software produced by Kingsoft Office Software, which can achieve a variety of functions commonly used in office software such as text, tables, presentations, etc.. Ltd. WPS Office has a binary vulnerability, attackers can use the vulnerability to cause a...

Zhuhai Kingsoft Office Limited WPS Office has a binary vulnerability

WPS Office is the office software produced by Kingsoft Office Software, which can achieve a variety of functions commonly used in office software such as text, tables, presentations, etc.. Ltd. WPS Office has a binary vulnerability, attackers can use the vulnerability to cause a...

CVE-2021-35456

Online Pet Shop We App 1.0 is vulnerable to remote SQL injection and shell...

CVE-2021-35456

Online Pet Shop We App 1.0 is vulnerable to remote SQL injection and shell...

Sql injection

Online Pet Shop We App 1.0 is vulnerable to remote SQL injection and shell...

CVE-2021-35456

Online Pet Shop We App 1.0 is vulnerable to remote SQL injection and shell...

Lenovo PC Manager has a binary vulnerability

Lenovo PC Manager is a computer security software launched by Lenovo Group, developed by the core software team of Lenovo PC, focusing on the health and network security of Lenovo devices, with pop-up blocking, garbage cleaning, virus checking and killing, optimization and acceleration functions......

Bookshelf <= 2.0.4 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin does not sanitise or escape its "Paypal email address" setting before outputting it in the page, leading to an authenticated Stored Cross-Site Scripting issue PoC Add the following payload in the "Paypal email address" setting of the plugin (/wp-admin/admin.php?page=bookshelf-settings):....

Bookshelf <= 2.0.4 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin does not sanitise or escape its "Paypal email address" setting before outputting it in the page, leading to an authenticated Stored Cross-Site Scripting...

Weak Password Vulnerability in the Wireless Network Authentication Management System of Beijing E-Link ETC (CNVD-2021-48939)

Ltd. is a company whose business scope includes: technology development, technology transfer, technology consulting; computer technology training; computer animation design; computer system services; application software services, basic software services, etc. Ltd. wireless network authentication.....

DocuCom PDF Reader has a binary vulnerability

DocuCom PDF Reader is a powerful PDF file reader. DocuCom PDF Reader is vulnerable to a binary vulnerability that can be exploited by attackers to cause a denial of...