23 matches found
Exploit for Path Traversal in Samsung Magicinfo_9_Server
Samsung MagicINFO 9 Server Exploit CVE-2025-4632 This repos...
CVE-2026-25201
An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server. This issue affects MagicINFO 9 Server: less than 21.1090.1...
CVE-2026-25201
An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server. This issue affects MagicINFO 9 Server: less than 21.1090.1...
CVE-2026-25200
A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without authentication, leading to Stored XSS, which can result in account takeover This issue affects MagicINFO 9 Server: less than 21.1090.1...
CVE-2026-25200
A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without authentication, leading to Stored XSS, which can result in account takeover This issue affects MagicINFO 9 Server: less than 21.1090.1...
CVE-2026-25200
Summary: MagicInfo9 Server contains a vulnerability that allows authorized users to upload HTML files without authentication, leading to Stored XSS and potential account takeover. Affected versions: MagicINFO 9 Server
PT-2026-5779
Уязвимость системы централизованного управления мультимедийным контентом MagicINFO 9 связана с неограниченной загрузкой файлов опасного типа. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код и повысить свои привилегии...
SAMSUNG MagicINFO 9 Server path traversal vulnerability (CNVD-2025-20078)
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a path traversal vulnerability that originates from improper path restrictions and can be exploited by an attacker to...
SAMSUNG MagicINFO 9 Server File Upload Vulnerability
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A file upload vulnerability exists in SAMSUNG MagicINFO 9 Server, which originates from allowing the upload of dangerous types of files and can be exploited by a...
CVE-2025-54454
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54453
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54451
Improper Control of Generation of Code 'Code Injection' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54445
Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54443
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54439
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54455
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...
SAMSUNG MagicINFO 9 Server 安全漏洞
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A security bypass vulnerability exists in SAMSUNG MagicINFO 9 Server, which can be exploited by attackers to cause authentication bypass...
SAMSUNG MagicINFO 9 Server 安全漏洞
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A file upload vulnerability exists in SAMSUNG MagicINFO 9 Server, which stems from a failure to perform strict checks on uploaded file types. An attacker can...
SAMSUNG MagicINFO 9 Server 安全漏洞
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a file upload vulnerability that originates from allowing the upload of dangerous types of files, which can be exploited ...
The vulnerability of the HttpServletRequest.getParameter() function in the centralized multimedia content management system MagicINFO 9 allows a hacker to execute arbitrary code.
The vulnerability of the HttpServletRequest.getParameter function in the MagicINFO 9 centralized multimedia content management system is related to the improper creation of a file system path by combining a permanent directory, a temporary marker, and the fileName parameter. Exploiting this...