Lucene search
+L

81 matches found

CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

Interinfo DreamMaker 代码问题漏洞

Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Interinfo DreamMaker has a code vulnerability that stems from arbitrary file uploads. This vulnerability could allow a privileged remote attacker to upload and execute a Web shell backdoor, thereby enabling...

8.6CVSS6.2AI score0.00456EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

Interinfo DreamMaker 安全漏洞

Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Interinfo DreamMaker has a security vulnerability, which stems from relative path traversal. This vulnerability could allow unauthenticated local attackers to download arbitrary system files...

8.7CVSS5.9AI score0.00353EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.17 views

PT-2026-44824

DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

9.8CVSS6.4AI score0.00508EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.15 views

Interinfo DreamMaker 安全漏洞

Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Interinfo DreamMaker has a security vulnerability, which stems from relative path traversal. This vulnerability could allow privileged local attackers to download arbitrary system files...

6.9CVSS5.9AI score0.00347EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

Interinfo DreamMaker 安全漏洞

Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Interinfo DreamMaker has a security vulnerability, which stems from absolute path traversal. This vulnerability could allow unauthenticated remote attackers to read file names from any path...

6.9CVSS5.8AI score0.00387EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/31 9:12 a.m.11 views

CVE-2026-24729

An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...

10CVSS6.2AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/31 9:12 a.m.15 views

CVE-2026-24728

A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...

9.3CVSS6AI score0.00413EPSS
Exploits0References1
NVD
NVD
added 2026/01/30 5:16 a.m.8 views

CVE-2026-24728

A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...

9.3CVSS0.00413EPSS
Exploits0References1
NVD
NVD
added 2026/01/30 5:16 a.m.11 views

CVE-2026-24729

An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...

10CVSS0.00336EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/30 3:50 a.m.30 views

CVE-2026-24729 Interinfo DreamMaker - Unrestricted Upload of File with Dangerous Type

An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...

10CVSS0.00336EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/30 3:50 a.m.6 views

EUVD-2026-5017

An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...

10CVSS6.2AI score0.00336EPSS
Exploits0References1
CVE
CVE
added 2026/01/30 3:50 a.m.39 views

CVE-2026-24729

An unrestricted upload of file with dangerous type vulnerability exists in Interinfo DreamMaker’s file upload function, affecting versions before 2025/10/22. The root cause is an insufficient validation of uploaded files, enabling remote attackers to execute arbitrary system commands via a malici...

10CVSS6.2AI score0.00336EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/30 3:50 a.m.6 views

CVE-2026-24729 Interinfo DreamMaker - Unrestricted Upload of File with Dangerous Type

An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...

10CVSS6.2AI score0.00336EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/30 3:48 a.m.6 views

CVE-2026-24728 Interinfo DreamMaker - Missing Authentication for Critical Function

A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...

9.3CVSS6AI score0.00413EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/30 3:48 a.m.29 views

CVE-2026-24728 Interinfo DreamMaker - Missing Authentication for Critical Function

A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...

9.3CVSS0.00413EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/30 3:48 a.m.7 views

EUVD-2026-5016

A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...

9.3CVSS6AI score0.00413EPSS
Exploits0References1
CVE
CVE
added 2026/01/30 3:48 a.m.39 views

CVE-2026-24728

The vulnerability CVE-2026-24728 affects Interinfo DreamMaker, specifically the /servlet/baServer3 endpoint. A missing authentication for a critical function allows remote attackers to access exposed administrative functionality without prior authentication in DreamMaker versions before 2025/10/2...

9.3CVSS6AI score0.00413EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/30 12:0 a.m.7 views

Interinfo DreamMaker security vulnerabilities

Interinfo DreamMaker is an application developed by Interinfo Corporation. Versions of Interinfo DreamMaker prior to October 22, 2025, contained security vulnerabilities. These vulnerabilities stemmed from the lack of authentication for the /servlet/baServer3 endpoint, which could allow...

9.3CVSS5.8AI score0.00413EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.9 views

PT-2026-5378

An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...

10CVSS6.2AI score0.00336EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.13 views

PT-2026-5377

A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...

9.3CVSS6AI score0.00413EPSS
Exploits0References2
Rows per page
Query Builder