Lucene search
K

77 matches found

CNVD
CNVD
added 2020/07/23 12:0 a.m.3 views

Cisco SD-WAN vManage Software Path Traversal Vulnerability (CNVD-2020-42258)

Cisco SD-WAN vManage Software is a management software for SD-WAN Software Defined Wide Area Network solutions from Cisco. A path traversal vulnerability exists in the web management interface in Cisco SD-WAN vManage Software, which stems from the program failing to properly validate uploaded...

8.8CVSS6.9AI score0.02644EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/01 12:0 a.m.2 views

Virgo_ZodiacToken Logic Flaw Vulnerability

VirgoZodiacToken is an Ether-based digital currency. A security vulnerability exists in VirgoZodiacToken's smart contract implementation that stems from the program's use of '='. An attacker could use the vulnerability to transfer funds from an arbitrary address to a user's address...

7AI score
Exploits0References1
CNVD
CNVD
added 2020/06/22 12:0 a.m.2 views

Unspecified Vulnerability in Mattermost Server (CNVD-2020-35353)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server that can be exploited by an attacker to create a trusted Oauth application...

6.5CVSS6.8AI score0.00791EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/14 12:0 a.m.1 views

Nantong Wanjia Network Technology Co., Ltd. website building system suffers from SQL injection vulnerabilities (CNVD-2020-30187)

Nantong Wanjia Network Technology Co., Ltd. is engaged in website construction, website design, high-end website production, network promotion and so on. Nantong Wanjia Network Technology Co., Ltd. website building system has SQL injection vulnerability, attackers can use the vulnerability to...

7.7AI score
Exploits0
CNVD
CNVD
added 2020/04/29 12:0 a.m.5 views

Opmantek Open-AudIT Injection Vulnerability

Opmantek Open-AudIT is an open source network discovery and auditing program from Opmantek USA. The program intelligently scans networks and network devices and provides status reports. Opmantek Open-AudIT suffers from an injection vulnerability. An attacker can exploit this vulnerability to inje...

9CVSS7.6AI score0.09999EPSS
Exploits3References1
CNVD
CNVD
added 2020/03/17 12:0 a.m.4 views

Voo branded NETGEAR CG3700b Authorization Issues Vulnerability

The NETGEAR CG3700b is a cable modem and router from NETGEAR. An authorization issue vulnerability exists in the Voo branded NETGEAR CG3700b that stems from the use of the same default 8-character passphrase for the management console and WPA2 pre-shared key, which can be exploited by an attacker...

7.5CVSS6.9AI score0.01238EPSS
Exploits1References1
CNVD
CNVD
added 2020/03/01 12:0 a.m.1 views

ArticleCMS has a file upload vulnerability

ArticleCMS is a responsive information website management system built on Bootstrap 3.2 and ThinkPHP 5.0. ArticleCMS has a file upload vulnerability that can be exploited by attackers to gain server privileges...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/02/26 12:0 a.m.1 views

SQL Injection Vulnerability in eq***.asp System of Ningbo Yilong Computer Technology Co.

Ningbo E-Long Technology Co., Ltd. specializes in the design and construction of corporate website platforms, government schools, home services and other industries. Ltd. eq.asp has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information...

7.8AI score
Exploits0
CNVD
CNVD
added 2019/12/07 12:0 a.m.2 views

SQL injection vulnerability in emlog backend na***.php page

Short for every memory log, emlog is a PHP and MySQL based blog and CMS builder. SQL injection vulnerability exists in the background na.php page of emlog, which can be exploited by attackers to obtain sensitive database information...

7.9AI score
Exploits0
CNVD
CNVD
added 2019/10/25 12:0 a.m.3 views

NiuShop suffers from SQL injection vulnerability (CNVD-2019-43348)

Niushop open source mall using thinkphp5.0 MySQL development language development , completely open source mall system , can be used for enterprises , individuals to establish their own online free mall , support for open source WeChat Mall , open source applet , open source new retail , B2B2C,...

7.8AI score
Exploits0
CNVD
CNVD
added 2019/10/17 12:0 a.m.3 views

Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2019-37937)

Oracle VM VirtualBox is cross-platform virtualization software for x86 systems. An unspecified vulnerability exists in the Core component of Oracle VM VirtualBox versions prior to 5.2.34 and 6.0.14. An attacker can exploit this vulnerability to cause Oracle VM VirtualBox to hang or crash frequent...

6CVSS6.8AI score0.00606EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/13 12:0 a.m.1 views

SQL injection vulnerability in seacms backend ad***_co***.php page (CNVD-2019-41066)

seacms ocean video management system, ocean cms is a video-on-demand system based on PHP + MySql technology. There is a SQL injection vulnerability in the adco.php page in the background of seacms. Attackers can use the vulnerability to obtain sensitive information in the database...

7.7AI score
Exploits0
CNVD
CNVD
added 2019/09/17 12:0 a.m.6 views

Google Chrome IDN Spoofing Vulnerability (CNVD-2019-32017)

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome versions prior to 77.0.3865.75. A remote attacker can exploit the vulnerability to spoof IDNs with the help of a specially crafted website...

4.3CVSS8.5AI score0.00669EPSS
Exploits0References1
CNVD
CNVD
added 2019/09/17 12:0 a.m.5 views

GPAC Memory Leakage Vulnerability

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A memory leak vulnerability exists in dinfRead in isomedia/boxcodebase.c in GPAC 0.7.1. No detailed vulnerability details are provided at this time...

6.5CVSS6.9AI score0.01242EPSS
Exploits1References1
CNVD
CNVD
added 2019/09/10 12:0 a.m.2 views

LibreNMS SQL Injection Vulnerability (CNVD-2019-32206)

LibreNMS is a PHP/MYSQL/SNMP-based open source monitoring tool . A SQL injection vulnerability exists in LibreNMS 1.47 and earlier versions, which can be exploited by an authenticated attacker to corrupt database queries to extract or manipulate data...

8.8CVSS7.8AI score0.01346EPSS
Exploits1References1
CNVD
CNVD
added 2019/09/09 12:0 a.m.1 views

XSS Vulnerability in Mobile Mall of Henan NetZhong.com Computer Technology Co.(CNVD-2019-33303)

Henan net in the net computer technology limited company is a micro letter public platform application and development of science and technology-based technology company. There is an XSS vulnerability in the mobile mall of Henan NetZhong.com Computer Science and Technology Co. Ltd, which can be...

6.2AI score
Exploits0
CNVD
CNVD
added 2019/09/02 12:0 a.m.4 views

Gesior-AAC SQL Injection Vulnerability

Gesior-AAC is an official tibia.com layout created based on cipsoft. A SQL injection vulnerability exists in the shop.php file in versions of Gesior-AAC prior to 2019-05-01. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An...

9.8CVSS8.2AI score0.01371EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/26 12:0 a.m.1 views

Google Android Media Framework Information Disclosure Vulnerability (CNVD-2019-38588)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Media Framework is one of the multimedia development frameworks. An information disclosure vulnerability exists in Media Framework in Android Q. The vulnerability originates in a...

6.1AI score
Exploits0References1
CNVD
CNVD
added 2019/08/16 12:0 a.m.3 views

File upload vulnerability in yershop

yershop open source online store system is a thinkphp5 based mall system , with a key to generate the controller , model , validator , template , general additions and deletions and other functions . yershop backend file upload vulnerability , attackers can exploit the vulnerability to obtain...

7AI score
Exploits0
CNVD
CNVD
added 2019/07/29 12:0 a.m.10 views

NETGEAR WNDR3400v3 Stack Buffer Overflow Vulnerability

The NETGEAR WNDR3400v3 is a wireless router from NETGEAR. A buffer overflow vulnerability exists in the upnpd binary in the NETGEAR WNDR3400v3 using firmware version 1.0.1.181.0.63. The vulnerability originates when a network system or product performs an operation on memory without properly...

10CVSS7.3AI score0.03147EPSS
Exploits1References1
Rows per page
Query Builder