16 matches found
EUVD-2023-30577
Malicious code in bioql PyPI...
CVE-2023-26784
SQL Injection vulnerability found in Kirin Fortress Machine v.1.7-2020-0610 allows attackers to execute arbitrary code via the /admin.php?controller=admin_commonuser parameter...
CVE-2023-26784
SQL Injection vulnerability found in Kirin Fortress Machine v.1.7-2020-0610 allows attackers to execute arbitrary code via the /admin.php?controller=admin_commonuser parameter...
CVE-2023-26784
SQL Injection vulnerability found in Kirin Fortress Machine v.1.7-2020-0610 allows attackers to execute arbitrary code via the /admin.php?controller=admin_commonuser parameter...
SQL injection
SQL Injection vulnerability found in Kirin Fortress Machine v.1.7-2020-0610 allows attackers to execute arbitrary code via the /admin.php?controller=admin_commonuser parameter...
CVE-2023-26784
SQL Injection vulnerability found in Kirin Fortress Machine v.1.7-2020-0610 allows attackers to execute arbitrary code via the /admin.php?controller=admin_commonuser parameter...
PT-2023-20798 · Unknown · Kirin Fortress Machine
Name of the Vulnerable Software and Affected Versions: Kirin Fortress Machine version 1.7-2020-0610. Description: A SQL Injection issue allows attackers to execute arbitrary code via the "/admin.php?controller=admin_commonuser" API endpoint, specifically through the controller parameter. This...
CVE-2023-26784
Kirin Fortress Machine v1.7-2020-0610 is affected by a SQL injection in the admin_commonuser endpoint (via /admin.php?controller=admin_commonuser), which can allow an attacker to execute arbitrary code. The NVD reports a critical CVSS v3.1 score (9.8) with network attack vector, no privileges, an...
Kirin Fortress Machine SQL Injection Vulnerability
Tosec Kirin Fortress Machine is a series of fortress machines from Cosco Kirin Technology Tosec in Beijing, China. A security vulnerability exists in Kirin Fortress Machine version v.1.7-2020-0610, which stems from the presence of a SQL injection vulnerability that can be exploited by an attacker...
CVE-2023-26784
SQL Injection vulnerability found in Kirin Fortress Machine v.1.7-2020-0610 allows attackers to execute arbitrary code via the /admin.php?controller=admin_commonuser parameter...
SQL Injection Vulnerability in Kirin Fortress of Beijing COSCO Kirin Technology Co. Ltd (CNVD-2022-86537)
KyLinFortress is an all-in-one Fortress, SSL VPN, Dynamic Password and CA Certificate. COSCO KyLin Technology Company Limited KyLin Barrier Machine suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
Command Execution Vulnerability in Kirin Bastion ethfile Parameter
Kirin Fortress is the open source operations and maintenance fortress. A command execution vulnerability exists in the ethfile parameter of KyLin Bastion Machine, which can be exploited by attackers to execute arbitrary code...
Command Execution Vulnerability in the ip Parameter of Kirin Fortress
Kirin Fortress is the open source operations and maintenance fortress. A command execution vulnerability exists in the ip parameter of the KyLinBarrier. Due to the lack of filtering of the parameter, an attacker can utilize the ip parameter to execute arbitrary commands...
Command execution vulnerability in the slaveip and virtual_ipaddress parameters of Kirin bastion machine
Kirin Fortress is the open source operations and maintenance fortress. A command execution vulnerability exists in the slaveip and virtual_ipaddress parameters of the KyLin Fortress, which can be exploited by an attacker to execute arbitrary code because the parameters are not specially filtered...
File Upload Vulnerability at Kirin Fortress Application Publishing Feature
Kirin Fortress is the open source operations and maintenance fortress. A file upload vulnerability exists at the application icon upload in the application publishing feature of KyLin Fortress. This allows attackers to upload a webshell and gain server privileges...
File Upload Vulnerability in Kirin Fortress
Kirin Fortress is the open source operations and maintenance fortress. A file upload vulnerability exists in cadminbackup.class.php in KyLin Fortress. As a result of utilizing the default administrator account admin, password 12345678 to log into the system, in system management, software upgrade...