77 matches found
Cisco SD-WAN vManage Software Path Traversal Vulnerability (CNVD-2020-42258)
Cisco SD-WAN vManage Software is a management software for SD-WAN Software Defined Wide Area Network solutions from Cisco. A path traversal vulnerability exists in the web management interface in Cisco SD-WAN vManage Software, which stems from the program failing to properly validate uploaded...
Virgo_ZodiacToken Logic Flaw Vulnerability
VirgoZodiacToken is an Ether-based digital currency. A security vulnerability exists in VirgoZodiacToken's smart contract implementation that stems from the program's use of '='. An attacker could use the vulnerability to transfer funds from an arbitrary address to a user's address...
Unspecified Vulnerability in Mattermost Server (CNVD-2020-35353)
Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server that can be exploited by an attacker to create a trusted Oauth application...
Nantong Wanjia Network Technology Co., Ltd. website building system suffers from SQL injection vulnerabilities (CNVD-2020-30187)
Nantong Wanjia Network Technology Co., Ltd. is engaged in website construction, website design, high-end website production, network promotion and so on. Nantong Wanjia Network Technology Co., Ltd. website building system has SQL injection vulnerability, attackers can use the vulnerability to...
Opmantek Open-AudIT Injection Vulnerability
Opmantek Open-AudIT is an open source network discovery and auditing program from Opmantek USA. The program intelligently scans networks and network devices and provides status reports. Opmantek Open-AudIT suffers from an injection vulnerability. An attacker can exploit this vulnerability to inje...
Voo branded NETGEAR CG3700b Authorization Issues Vulnerability
The NETGEAR CG3700b is a cable modem and router from NETGEAR. An authorization issue vulnerability exists in the Voo branded NETGEAR CG3700b that stems from the use of the same default 8-character passphrase for the management console and WPA2 pre-shared key, which can be exploited by an attacker...
ArticleCMS has a file upload vulnerability
ArticleCMS is a responsive information website management system built on Bootstrap 3.2 and ThinkPHP 5.0. ArticleCMS has a file upload vulnerability that can be exploited by attackers to gain server privileges...
SQL Injection Vulnerability in eq***.asp System of Ningbo Yilong Computer Technology Co.
Ningbo E-Long Technology Co., Ltd. specializes in the design and construction of corporate website platforms, government schools, home services and other industries. Ltd. eq.asp has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information...
SQL injection vulnerability in emlog backend na***.php page
Short for every memory log, emlog is a PHP and MySQL based blog and CMS builder. SQL injection vulnerability exists in the background na.php page of emlog, which can be exploited by attackers to obtain sensitive database information...
NiuShop suffers from SQL injection vulnerability (CNVD-2019-43348)
Niushop open source mall using thinkphp5.0 MySQL development language development , completely open source mall system , can be used for enterprises , individuals to establish their own online free mall , support for open source WeChat Mall , open source applet , open source new retail , B2B2C,...
Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2019-37937)
Oracle VM VirtualBox is cross-platform virtualization software for x86 systems. An unspecified vulnerability exists in the Core component of Oracle VM VirtualBox versions prior to 5.2.34 and 6.0.14. An attacker can exploit this vulnerability to cause Oracle VM VirtualBox to hang or crash frequent...
SQL injection vulnerability in seacms backend ad***_co***.php page (CNVD-2019-41066)
seacms ocean video management system, ocean cms is a video-on-demand system based on PHP + MySql technology. There is a SQL injection vulnerability in the adco.php page in the background of seacms. Attackers can use the vulnerability to obtain sensitive information in the database...
Google Chrome IDN Spoofing Vulnerability (CNVD-2019-32017)
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome versions prior to 77.0.3865.75. A remote attacker can exploit the vulnerability to spoof IDNs with the help of a specially crafted website...
GPAC Memory Leakage Vulnerability
GPAC is a multimedia framework for rich media and distributed under the LGPL license. A memory leak vulnerability exists in dinfRead in isomedia/boxcodebase.c in GPAC 0.7.1. No detailed vulnerability details are provided at this time...
LibreNMS SQL Injection Vulnerability (CNVD-2019-32206)
LibreNMS is a PHP/MYSQL/SNMP-based open source monitoring tool . A SQL injection vulnerability exists in LibreNMS 1.47 and earlier versions, which can be exploited by an authenticated attacker to corrupt database queries to extract or manipulate data...
XSS Vulnerability in Mobile Mall of Henan NetZhong.com Computer Technology Co.(CNVD-2019-33303)
Henan net in the net computer technology limited company is a micro letter public platform application and development of science and technology-based technology company. There is an XSS vulnerability in the mobile mall of Henan NetZhong.com Computer Science and Technology Co. Ltd, which can be...
Gesior-AAC SQL Injection Vulnerability
Gesior-AAC is an official tibia.com layout created based on cipsoft. A SQL injection vulnerability exists in the shop.php file in versions of Gesior-AAC prior to 2019-05-01. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An...
Google Android Media Framework Information Disclosure Vulnerability (CNVD-2019-38588)
Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Media Framework is one of the multimedia development frameworks. An information disclosure vulnerability exists in Media Framework in Android Q. The vulnerability originates in a...
File upload vulnerability in yershop
yershop open source online store system is a thinkphp5 based mall system , with a key to generate the controller , model , validator , template , general additions and deletions and other functions . yershop backend file upload vulnerability , attackers can exploit the vulnerability to obtain...
NETGEAR WNDR3400v3 Stack Buffer Overflow Vulnerability
The NETGEAR WNDR3400v3 is a wireless router from NETGEAR. A buffer overflow vulnerability exists in the upnpd binary in the NETGEAR WNDR3400v3 using firmware version 1.0.1.181.0.63. The vulnerability originates when a network system or product performs an operation on memory without properly...