EUVD-2026-5804

A vulnerability was identified in cym1102 nginxWebUI up to 4.3.7. The impacted element is an unknown function of the file /adminPage/conf/check of the component Web Management Interface. Such manipulation of the argument nginxDir leads to cross site scripting. The attack can be executed remotely...

nginxWebUI 代码注入漏洞

nginxWebUI is a nginx web configuration tool developed by cym1102 as an individual developer. Versions of nginxWebUI 4.3.7 and earlier contained a code injection vulnerability. This vulnerability stemmed from incorrect handling of the parameter nginxDir in the file adminPage/conf/conf, which coul...

CVE-2024-3737

A vulnerability was found in cym1102 nginxWebUI up to 3.9.9. It has been rated as critical. Affected by this issue is the function findCountByQuery of the file /adminPage/www/addOver. The manipulation of the argument dir leads to path traversal. The attack may be launched remotely. The exploit ha...

nginxWebUI 代码问题漏洞

nginxWebUI is a nginx web configuration tool. cym1102 A code issue vulnerability exists in nginxWebUI version 3.9.9, which stems from an unrestricted file upload in the upload method of the /adminPage/main/upload file...