1369 matches found
File Containment Vulnerability in MetInfo Enterprise Website Builder (CNVD-2020-58429)
MetInfo Enterprise Building System is a free and open source enterprise CMS. A file inclusion vulnerability exists in MetInfo version v5.0.4, which can be exploited by attackers to gain control of the server...
Command Execution Vulnerability in the java version of the hessian binary web service protocol
Hessian is a cross-platform serialization tool. A command execution vulnerability exists in the java version of the hessian binary web service protocol that can be exploited by an attacker to gain control of a server...
Default credentials
If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the attacker. This...
DLL Hijacking Vulnerability in Rocket Accelerator of Hubei Shengtian Network Technology Co.
Rocket Accelerator is an online game gas pedal. Rocket Accelerator by Hubei Shengtian Network Technology Co. Ltd. has a DLL hijacking vulnerability that can be exploited by an attacker to gain server control privileges...
Command execution vulnerability in FastAdmin backend (CNVD-2020-58827)
FastAdmin is an extremely fast backend development framework based on ThinkPHP and Bootstrap, and a permission management system based on Auth validation. FastAdmin backend has a command execution vulnerability that can be exploited by an attacker to gain control of the server...
Shijiazhuang City Zhenghong Network Technology Co., Ltd. Shop7z online shopping system v5.4 flagship version of the existence of file upload vulnerability
Shop7z online shopping system is a domestic ASP online store platform software. Shijiazhuang City Zhenghong Network Technology Co., Ltd. Shop7z online shopping system v5.4 flagship version of the existence of file upload vulnerability, an attacker can be exploited to obtain server control...
Google Android elevation of privilege vulnerability (CNVD-2021-30158)
Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. System is one of the system components.VPN is one of the VPN Virtual Private Network components.Email is one of the email components. Android/Pixel has a security vulnerability that...
Google Android elevation of privilege vulnerability (CNVD-2021-30157)
Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. System is one of the system components.VPN is one of the VPN Virtual Private Network components.Email is one of the email components. A security vulnerability exists in Android/Pixel th...
File Upload Vulnerability in Smart-MDS Multimedia Command and Dispatch System of Yixin Technology
The Smart-MDS multimedia command and dispatch system has a powerful convergence access function, providing a unified scheduling management platform with multi-service convergence, access to mainstream audio and video communication systems and other functions. There is a file upload vulnerability ...
ASUS RT-AC1900P routers firmware validation vulnerability
ASUS RT-AC1900P routers is a router device. A security vulnerability in the ASUS RT-AC1900P routers firmware upgrade processing certificate allows remote attackers to exploit the vulnerability by submitting a special request that can upgrade malicious firmware and take control of the server...
VANOC Enterprise Website Management System PHP 3.5 File Containment Vulnerability
Vanno enterprise website management system PHP is based on php + MySQL development of enterprise website management system. A file inclusion vulnerability exists in Vanno Enterprise Website Management System PHP 3.5, which can be exploited by attackers to gain control of the server...
File Upload Vulnerability in Zhengfang Digital Campus Information Unified Authentication Center System
Founded in January 1999 with a registered capital of 50.5 million RMB, Zhengfang Software Co., Ltd hereinafter referred to as "Zhengfang" is a software enterprise and a high-tech enterprise specializing in consulting, planning, construction and service in the field of education informatization in...
File Upload Vulnerability in FH Admin CMS of Shandong Aife Information Technology Co.
FH Admin is currently the mainstream java rapid development platform. Ltd. FH Admin CMS file upload vulnerability, an attacker can use the vulnerability to obtain control of the web server...
Command Execution Vulnerability in xyhCMS of Kunming Yuntao Technology Co. Ltd (CNVD-2020-53339)
XYHCMS is a completely open source CMS content management system. A command execution vulnerability exists in XYHCMS by Kunming Yuntao Technology Co. An attacker can exploit the vulnerability to gain control of the server...
CVE-2020-24220
ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server...
CVE-2020-24220
ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server...
Command injection
ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server...
CVE-2020-24220
ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server...
CVE-2020-8716
Improper access control for some IntelR Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service via local access...
Multiple Vulnerabilities in JAVAPMS Portal Management System of Nanchang Zhengneng Information Technology Co.
JAVAPMS portal management system to SpringMVC + Spring + Hibernate + Freemarker + Html5 + jQuery for the technical core architecture , for individual webmasters , commercial enterprises , government agencies , educational institutions and other various units of the organization's information port...