Lucene search
K

289 matches found

OSV
OSV
added 2019/11/26 4:15 a.m.5 views

CVE-2019-15995

A vulnerability in the web UI of Cisco DNA Spaces: Connector could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability by entering malicio...

6.5CVSS6.9AI score0.0115EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2019/11/08 12:10 p.m.39 views

xHelper Malware for Android

xHelper is not interesting because of its infection mechanism; the user has to side-load an app onto his phone. It's not interesting because of its payload; it seems to do nothing more than show unwanted ads. it's interesting because of its persistence: Furthermore, even if users spot the xHelper...

1AI score
Exploits0
CNVD
CNVD
added 2019/11/05 12:0 a.m.3 views

Code Execution Vulnerability in MacCMS

MacCMS is a cms website builder system. A code execution vulnerability exists in MacCMS. An attacker can exploit the vulnerability to delete arbitrary files and cause system reinstallation. When reinstalling the software, malicious code is constructed to insert into the configuration file to gain...

7.9AI score
Exploits0
CNVD
CNVD
added 2019/10/28 12:0 a.m.1 views

Reinstallation Vulnerability in S-CMS Enterprise Website Builder System

S-CMS enterprise station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. There is a reinstallation vulnerability in S-CMS, which can be exploited by attackers to reinstall the system...

6.9AI score
Exploits0
Microsoft KB
Microsoft KB
added 2019/10/08 12:0 a.m.8 views

Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1 (KB4524102)

Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1 KB4524102 Applies to: Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft...

7.1AI score
Exploits0
CNVD
CNVD
added 2019/09/30 12:0 a.m.1 views

Arbitrary Deletion Vulnerability in HongCMS v4.0 uc_a***.php File

HongCMS is an open source lightweight content management system CMS. HongCMS v4.0 uca.php file contains an arbitrary deletion vulnerability. An attacker can exploit the vulnerability to delete arbitrary files, resulting in a system reinstallation...

7AI score
Exploits0
OSV
OSV
added 2019/09/25 12:15 p.m.4 views

CVE-2019-16867

HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/database/ajax?action=delete, a similar issue to CVE-2018-16774. If the attacker deletes config.php and visits install/index.php, they can reinstall the product...

6.5CVSS7AI score0.01116EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/09/21 5:2 p.m.23 views

CVE-2019-16655

joyplus-cms 1.6.0 allows reinstallation if the install/ URI remains available...

7.6AI score0.0084EPSS
Exploits1References1
Microsoft KB
Microsoft KB
added 2019/09/19 12:0 a.m.10 views

Preview of Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008 SP2 (KB4516554)

Preview of Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008 SP2 KB4516554 Applies to: Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 This update is included in the Preview of Quality Rollup that's...

6.9AI score
Exploits0
Prion
Prion
added 2019/09/14 4:15 p.m.17 views

Remote code execution

Indexhibit 2.1.5 allows a product reinstallation, with resultant remote code execution, via /ndxzstudio/install.php?p=2...

7.5CVSS9.5AI score0.38732EPSS
Exploits3References1Affected Software1
CNVD
CNVD
added 2019/09/11 12:0 a.m.4 views

Code execution vulnerability in indexhibits CMS

Indexhibit is a pioneering CMS web application created in 2006 for creating websites in an established index + exhibit format. A code execution vulnerability exists in indexhibits CMS, which can be exploited by an attacker to reinstall the web system and enter a backend getshell to gain server...

8.8CVSS7.9AI score0.02695EPSS
Exploits1
CNVD
CNVD
added 2019/08/20 12:0 a.m.1 views

Arbitrary File Deletion Vulnerability in Xianqi Kindergarten Online Management System

Shanxi Xianqi Technology Co., Ltd. is a high-tech enterprise integrating research and development, production, sales and service of hardware and software. The first kindergarten online management system there are arbitrary file deletion vulnerability, attackers can use this vulnerability to delet...

7AI score
Exploits0
Microsoft KB
Microsoft KB
added 2019/08/16 12:0 a.m.9 views

Preview of Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB4512194)

Preview of Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 KB4512194 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2...

6.7AI score
Exploits0
CNVD
CNVD
added 2019/08/08 12:0 a.m.1 views

Arbitrary File Deletion Vulnerability in DouPHP

DouPHP is a lightweight enterprise website management system based on PHP+Mysql architecture, running on various platforms such as Linux, Windows, MacOSX, Solaris and so on. DouPHP has an arbitrary file deletion vulnerability, which can be exploited by attackers to cause system reinstallation...

7AI score
Exploits0
CNVD
CNVD
added 2019/08/05 12:0 a.m.3 views

Command Execution Vulnerability in S-CMS Enterprise Website Building System (CNVD-2019-29886)

S-CMS enterprise station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. A command execution vulnerability exists in the S-CMS enterprise website builder system. Attackers can use the vulnerability to...

8AI score
Exploits0
CNVD
CNVD
added 2019/08/02 12:0 a.m.1 views

DouPHP BLOG Arbitrary File Deletion Vulnerability

DouPHPBLOG1.5 is a lightweight enterprise website management system based on PHP+Mysql architecture, which can run on Linux, Windows, MacOSX, Solaris and other platforms. DouPHPBLOG1.5 suffers from an arbitrary file deletion vulnerability, which can be exploited by attackers to reinstall the...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2019/07/26 2:22 p.m.263 views

Just Opening A Document in LibreOffice Can Hack Your Computer (Unpatched)

Are you using LibreOffice? You should be extra careful about what document files you open using the LibreOffice software over the next few days. That's because LibreOffice contains a severe unpatched code execution vulnerability that could sneak malware into your system as soon as you open a...

9.8CVSS0.4AI score0.31215EPSS
Exploits5
CNVD
CNVD
added 2019/06/04 12:0 a.m.3 views

Arbitrary File Deletion Vulnerability in maccms

maccms is a cms website builder. maccms is vulnerable to an arbitrary file deletion vulnerability. An attacker can exploit the vulnerability to delete arbitrary files, resulting in system reinstallation...

7AI score
Exploits0
CNVD
CNVD
added 2019/05/29 12:0 a.m.1 views

Arbitrary File Deletion Vulnerability in Background File List of WMCMS System

WMCMS is based on PHP + MYSQL as the core development, free + open source professional Chinese labeling system. WMCMS system background file list exists arbitrary file deletion vulnerability. Attackers can use the vulnerability to delete arbitrary files, resulting in system reinstallation...

7.2AI score
Exploits0
CNVD
CNVD
added 2019/05/02 12:0 a.m.1 views

NiuShop B2C Single Merchant Mall System Up***.php file has arbitrary file deletion vulnerability

NiuShop B2C single merchant mall system is a PHP open source e-commerce system designed and developed completely independently by Shanxi NiuKu Information Technology Co. NiuShop B2C single merchant mall system Up.php file arbitrary file deletion vulnerability. Attackers can construct packets sent...

7.1AI score
Exploits0
Rows per page
Query Builder