81 matches found
Interinfo DreamMaker 代码问题漏洞
Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Interinfo DreamMaker has a code vulnerability that stems from arbitrary file uploads. This vulnerability could allow a privileged remote attacker to upload and execute a Web shell backdoor, thereby enabling...
Interinfo DreamMaker 安全漏洞
Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Interinfo DreamMaker has a security vulnerability, which stems from relative path traversal. This vulnerability could allow unauthenticated local attackers to download arbitrary system files...
PT-2026-44824
DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
Interinfo DreamMaker 安全漏洞
Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Interinfo DreamMaker has a security vulnerability, which stems from relative path traversal. This vulnerability could allow privileged local attackers to download arbitrary system files...
Interinfo DreamMaker 安全漏洞
Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Interinfo DreamMaker has a security vulnerability, which stems from absolute path traversal. This vulnerability could allow unauthenticated remote attackers to read file names from any path...
CVE-2026-24729
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
CVE-2026-24728
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
CVE-2026-24728
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
CVE-2026-24729
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
CVE-2026-24729 Interinfo DreamMaker - Unrestricted Upload of File with Dangerous Type
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
EUVD-2026-5017
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
CVE-2026-24729
An unrestricted upload of file with dangerous type vulnerability exists in Interinfo DreamMaker’s file upload function, affecting versions before 2025/10/22. The root cause is an insufficient validation of uploaded files, enabling remote attackers to execute arbitrary system commands via a malici...
CVE-2026-24729 Interinfo DreamMaker - Unrestricted Upload of File with Dangerous Type
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
CVE-2026-24728 Interinfo DreamMaker - Missing Authentication for Critical Function
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
CVE-2026-24728 Interinfo DreamMaker - Missing Authentication for Critical Function
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
EUVD-2026-5016
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
CVE-2026-24728
The vulnerability CVE-2026-24728 affects Interinfo DreamMaker, specifically the /servlet/baServer3 endpoint. A missing authentication for a critical function allows remote attackers to access exposed administrative functionality without prior authentication in DreamMaker versions before 2025/10/2...
Interinfo DreamMaker security vulnerabilities
Interinfo DreamMaker is an application developed by Interinfo Corporation. Versions of Interinfo DreamMaker prior to October 22, 2025, contained security vulnerabilities. These vulnerabilities stemmed from the lack of authentication for the /servlet/baServer3 endpoint, which could allow...
PT-2026-5378
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
PT-2026-5377
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...