Command Execution Vulnerability in HisiPHP V2.0.11

HisiPHP is based on ThinkPHP5 + Layui development of a set of free WEB open source framework. HisiPHP V2.0.11 has a command execution vulnerability that can be exploited by an attacker to gain server privileges...

Command Execution Vulnerability in Shenyang Huanggu District Ainong Network Technology Service Center 162100 Website Navigation

162100 website navigation is a php + MySQL development of the site navigation class website source code. Shenyang Huanggu District Ainong Network Technology Service Center 162100 URL navigation command execution vulnerabilities, attackers can use the vulnerability to obtain server privileges...

Command Execution Vulnerability in EyouCms System Doctor Plugin

EyouCms system doctor plugin is a user-friendly diagnostic system, repair their own difficulties, and some sql operation functions of the plugin. EyouCms System Doctor plugin has a command execution vulnerability that can be exploited by attackers to execute arbitrary SQL commands...

CVE-2020-3268

Multiple vulnerabilities in the web-based management interface of Cisco RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands. For more information about these vulnerabilities, see the Details...

Command Execution Vulnerability in Guojiz International Website Navigation System

Guojiz International Website Navigation System is a navigation system based on thinkphp. A command execution vulnerability exists in Guojiz International Website Navigation System, which can be exploited by an attacker to gain server control privileges...

Command Execution Vulnerability in UsualToolCMS 8.0

UsualToolCMS UTCMS is an enterprise web content management system CMS based on PHP and MySQL. A command execution vulnerability exists in UsualToolCMS 8.0, which can be exploited by an attacker to gain server administrative privileges...

CVE-2020-3229

A vulnerability in Role Based Access Control RBAC functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote attacker to execute commands or configuration changes as an Admin user. The vulnerability is due to incorrect handling of RBAC for the administrati...

CVE-2020-3219

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of user-suppli...

Command Execution Vulnerability in ThinkAdmin

ThinkAdmin is an open source framework for backend management based on ThinkPHP development . ThinkAdmin has a command execution vulnerability that can be exploited by attackers to gain server privileges...

Command Execution Vulnerability in CFCA Front Office Back Office Management System

CICC Financial Certification Center Limited is a national authoritative security certification body. A command execution vulnerability exists in the backend management system of CFCA's front-end, which can be exploited by an attacker to gain control of a web server...

Command Execution Vulnerability in Ocean CMS Backend (CNVD-2020-33133)

Ocean CMS is a web content management system based on PHP+MYSQL architecture that can run across platforms. A command execution vulnerability exists in the backend of Ocean CMS, which can be exploited by attackers to gain control of the web server...

Mozilla Thunderbird, Firefox ESR and Firefox Injection Vulnerabilities

Mozilla Firefox and others are products of the Mozilla Foundation in the U.S.A. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of e-mail client software separate from the Mozilla Application...

Command Execution Vulnerability in Baiyi Enterprise Website Building System (CNVD-2020-28073)

Baiyi Enterprise Building System is a simple and pure enterprise building system with powerful content modeling features to meet a variety of enterprise building needs. A command execution vulnerability exists in Baiyi Enterprise Website Builder, which can be exploited by an attacker to execute...

Command Execution Vulnerability in TOTOLINK A950RG Router

China Unicom Hong Kong Technology Limited is a manufacturer of network communication products. A command execution vulnerability exists in the TOTOLINK A950RG router, which can be exploited by attackers to execute arbitrary commands...

Command execution vulnerability in EyouCms backend (CNVD-2020-28132)

eyoucms is an enterprise website building system that focuses on enterprise website construction. A command execution vulnerability exists in the EyouCms backend, which can be exploited by attackers to execute malicious commands to gain server privileges...

Command Execution Vulnerability in SongCMS PHP Version

SongCMS PHP Edition is an open source CMS based on PHP+MySQL. SongCMS PHP Edition suffers from a command execution vulnerability that can be exploited by attackers to execute malicious code...

Command Execution Vulnerability in WideField2

WideField2 is a PLC programming software developed by Yokogawa Electric Group. WideField2 suffers from a command execution vulnerability that can be exploited by an attacker to gain server privileges...

Netatmo Smart Indoor Camera Injection Vulnerability

Netatmo Smart Indoor Camera is a smart webcam from the French company Netatmo. An injection vulnerability exists in Netatmo Smart Indoor Camera. An attacker can exploit this vulnerability to execute commands...

SysAid Technologies SysAid On-Premise Code Issue Vulnerability

SysAid Technologies SysAid is a suite of IT service management solutions from SysAid Technologies, Israel SysAid On-Premise is a locally installed version of SysAid. A security vulnerability exists in the AJP protocol port in SysAid Technologies SysAid On-Premise version 20.1.11. An attacker coul...

Command execution vulnerability exists in OpsManage (CNVD-2020-31455)

OpsManage is a management platform for performing device assets, code deployment, application deployment, and scheduled tasks. OpsManage suffers from a command execution vulnerability that can be exploited by an attacker to gain server administrative privileges...