PHP-Fusion 'Edit Profile' Remote Code Execution Vulnerability

PHP-Fusion is an open source lightweight content management system based on MySql and PHP. A remote code execution vulnerability exists in PHP-Fusion 'Edit Profile'. An attacker can exploit the vulnerability to execute commands on the system using normal user privileges...

Apache Karaf Arbitrary File Download Vulnerability

Apache Karaf is the United States Apache Apache Foundation for the deployment of applications and components of a lightweight OSGi Java Dynamic Modular System container. A security vulnerability exists in Apache Karaf versions prior to 4.2.5. An attacker could exploit the vulnerability to overwri...

Command Execution Vulnerability in niushop Multi-Merchant Basic v1.11

NiuShop B2B2C Multi-Merchant Mall System is a PHP open source e-commerce system designed and developed completely independently by Shanxi NiuKu Information Technology Co. A command execution vulnerability exists in the NiuShop B2B2C Multi-merchant Mall System. An attacker can achieve remote code...

Command execution vulnerability in wps2019 personal pc client software

WPS Office official website is Kingsoft's office software learning and sharing site, is permanently free of charge to the individual domestic office software. Software PC client can allow attackers to inject executable DLL files in the client process. Execute any function...

Verizon Wireless Fios Quantum Gateway (G1100) Command Execution Vulnerability

The Verizon Wireless Fios Quantum Gateway G1100 is a wireless router from Verizon Wireless. A command injection vulnerability exists in the Verizon Fios Quantum Gateway G1100 using firmware version 02.01.00.05. The vulnerability stems from a network system or product not properly filtering specif...

Feng Office Arbitrary Code Execution Vulnerability

Feng Office is an open source online collaboration system , using the B/S architecture , using php language development . An arbitrary code execution vulnerability exists in Feng Office 3.7.0.5. A remote attacker can exploit this vulnerability by using the "! --exec cmd=" in the...

ThinkPHP Command Execution Vulnerability

Top Thinking Information Technology ThinkPHP is a PHP-based, open source, lightweight Web application development framework from China Top Thinking Information Technology. ThinkPHP3.2.4 previous version used in Open Source BMS v1.1.1 version and other devices in the existence of a command executi...

Command Execution Vulnerability in Rice CMS v6.0.6

DAMI CMS aka 3gcms is a free open source, fast, simple PC station and cell phone station integration integrated system, dedicated to providing users with simple, fast PC station and smartphone station building solutions. Rice CMS v6.0.6 there is a command execution vulnerability. An attacker can...

Command Execution Vulnerability in HDCMS v2.0

HDCMS is a content management system software package developed in PHP+Mysql. It provides customers with powerful and complete functionality to accomplish rapid website development. A command execution vulnerability exists in HDCMS v2.0, which can be exploited by an attacker to gain control of a...

Artifex Software Ghostscript Sandbox Bypass Vulnerability

Artifex Software Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. print Postscript files on...

Command execution vulnerability in FrogCMS Pa***.php file

FrogCMS is an enterprise building system CMS based on PHP+Mysql architecture that can run on various server platforms such as Linux, Windows and so on. FrogCMS Pa.php file has a command execution vulnerability that can be exploited by an attacker to gain access to the site permissions and so on...

Command execution vulnerability in FrogCMS La***.php file

FrogCMS is an enterprise building system CMS based on PHP+Mysql architecture that can run on various server platforms such as Linux, Windows and so on. FrogCMS La.php file has a command execution vulnerability that can be exploited by an attacker to gain access to the site permissions and so on...

Command Execution Vulnerability in Yzncms Frontend

Yzncms aka Otaku CMS is a CMS content management system based on the latest TP5.1 framework. Yzncms front-end command execution vulnerability, an attacker can exploit the vulnerability to execute arbitrary commands...

Command Execution Vulnerability in Multiple D-Link Products

D-Link DIR-822 C1 and others are wireless router products from AUO D-Link. A command execution vulnerability exists in multiple D-Link products, which can be exploited by remote attackers to execute commands...

Command Execution Vulnerability in Multiple php Files in Thunderwind Movie CMS v3.8.6

Thunderwind Movie CMS is a PHP based THINKPHP3.2.3 framework development, suitable for all kinds of video, film and television websites, film and television content management program. Thunderwind Movie CMS v3.8.6 multiple php file command execution vulnerability, an attacker can exploit the...

Code Execution Vulnerability in anmi V1.1.0 Frontend

Anmi program is a program that focuses on H5 mobile website/app construction. Code execution vulnerability exists in anmi V1.1.0 frontend. An attacker can exploit the vulnerability to execute commands and gain server privileges...

Command Execution Vulnerability in Thunderwind Movie LFCMS v3.8.6

LFCMS is a film and television content management system developed in PHP and based on THINKPHP framework suitable for all kinds of video, film and television websites. LFCMS v3.8.6 has a command execution vulnerability, the vulnerability stems from the failure to filter cached data, an attacker...

Command Execution Vulnerability in D-link Central WifiManager

D-LINK Central WifiManager CWM-100 is D-LINK centralized wireless management software. A code execution vulnerability exists in the implementation of D-Link Central WiFiManager, which can be exploited by an attacker to gain control of a web server...

File upload vulnerability in the free version of TouchNet Universal Mall system

TouchNet universal mall station-building system is a set of universal station-building system developed by Tianjin TouchNet Technology Co. TouchNet Universal Mall Station Building System free version of the foreground there is a file upload vulnerability, an attacker can use the vulnerability to...

IBM API Connect CSV Injection Vulnerability

IBM API Connect aka APIConnect is an integrated solution for managing the API lifecycle from IBM USA. The solution supports creating, running, managing and securing APIs, microservices and more. A CSV injection vulnerability exists in IBM API Connect versions 5.0.0.0 through 5.0.8.4 and versions...