Lucene search
K

1369 matches found

CNVD
CNVD
added 2020/10/10 12:0 a.m.1 views

File Containment Vulnerability in MetInfo Enterprise Website Builder (CNVD-2020-58429)

MetInfo Enterprise Building System is a free and open source enterprise CMS. A file inclusion vulnerability exists in MetInfo version v5.0.4, which can be exploited by attackers to gain control of the server...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/10/09 12:0 a.m.3 views

Command Execution Vulnerability in the java version of the hessian binary web service protocol

Hessian is a cross-platform serialization tool. A command execution vulnerability exists in the java version of the hessian binary web service protocol that can be exploited by an attacker to gain control of a server...

7.4AI score
Exploits0
Prion
Prion
added 2020/10/08 2:15 p.m.19 views

Default credentials

If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the attacker. This...

4.3CVSS6.4AI score0.00949EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/09/28 12:0 a.m.1 views

DLL Hijacking Vulnerability in Rocket Accelerator of Hubei Shengtian Network Technology Co.

Rocket Accelerator is an online game gas pedal. Rocket Accelerator by Hubei Shengtian Network Technology Co. Ltd. has a DLL hijacking vulnerability that can be exploited by an attacker to gain server control privileges...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/09/22 12:0 a.m.1 views

Command execution vulnerability in FastAdmin backend (CNVD-2020-58827)

FastAdmin is an extremely fast backend development framework based on ThinkPHP and Bootstrap, and a permission management system based on Auth validation. FastAdmin backend has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/09/18 12:0 a.m.2 views

Shijiazhuang City Zhenghong Network Technology Co., Ltd. Shop7z online shopping system v5.4 flagship version of the existence of file upload vulnerability

Shop7z online shopping system is a domestic ASP online store platform software. Shijiazhuang City Zhenghong Network Technology Co., Ltd. Shop7z online shopping system v5.4 flagship version of the existence of file upload vulnerability, an attacker can be exploited to obtain server control...

7AI score
Exploits0
CNVD
CNVD
added 2020/09/15 12:0 a.m.7 views

Google Android elevation of privilege vulnerability (CNVD-2021-30158)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. System is one of the system components.VPN is one of the VPN Virtual Private Network components.Email is one of the email components. Android/Pixel has a security vulnerability that...

10CVSS9.3AI score0.00635EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/15 12:0 a.m.6 views

Google Android elevation of privilege vulnerability (CNVD-2021-30157)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. System is one of the system components.VPN is one of the VPN Virtual Private Network components.Email is one of the email components. A security vulnerability exists in Android/Pixel th...

10CVSS9.3AI score0.00564EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/15 12:0 a.m.5 views

File Upload Vulnerability in Smart-MDS Multimedia Command and Dispatch System of Yixin Technology

The Smart-MDS multimedia command and dispatch system has a powerful convergence access function, providing a unified scheduling management platform with multi-service convergence, access to mainstream audio and video communication systems and other functions. There is a file upload vulnerability ...

7.7AI score
Exploits0
CNVD
CNVD
added 2020/08/31 12:0 a.m.2 views

ASUS RT-AC1900P routers firmware validation vulnerability

ASUS RT-AC1900P routers is a router device. A security vulnerability in the ASUS RT-AC1900P routers firmware upgrade processing certificate allows remote attackers to exploit the vulnerability by submitting a special request that can upgrade malicious firmware and take control of the server...

5.9CVSS7AI score0.00421EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/26 12:0 a.m.3 views

VANOC Enterprise Website Management System PHP 3.5 File Containment Vulnerability

Vanno enterprise website management system PHP is based on php + MySQL development of enterprise website management system. A file inclusion vulnerability exists in Vanno Enterprise Website Management System PHP 3.5, which can be exploited by attackers to gain control of the server...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/08/26 12:0 a.m.1 views

File Upload Vulnerability in Zhengfang Digital Campus Information Unified Authentication Center System

Founded in January 1999 with a registered capital of 50.5 million RMB, Zhengfang Software Co., Ltd hereinafter referred to as "Zhengfang" is a software enterprise and a high-tech enterprise specializing in consulting, planning, construction and service in the field of education informatization in...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/08/24 12:0 a.m.2 views

File Upload Vulnerability in FH Admin CMS of Shandong Aife Information Technology Co.

FH Admin is currently the mainstream java rapid development platform. Ltd. FH Admin CMS file upload vulnerability, an attacker can use the vulnerability to obtain control of the web server...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/08/18 12:0 a.m.1 views

Command Execution Vulnerability in xyhCMS of Kunming Yuntao Technology Co. Ltd (CNVD-2020-53339)

XYHCMS is a completely open source CMS content management system. A command execution vulnerability exists in XYHCMS by Kunming Yuntao Technology Co. An attacker can exploit the vulnerability to gain control of the server...

7.4AI score
Exploits0
NVD
NVD
added 2020/08/17 5:15 p.m.13 views

CVE-2020-24220

ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server...

9CVSS9.3AI score0.02401EPSS
Exploits0References1
OSV
OSV
added 2020/08/17 5:15 p.m.10 views

CVE-2020-24220

ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server...

8.8CVSS8.1AI score
Exploits0References1
Prion
Prion
added 2020/08/17 5:15 p.m.22 views

Command injection

ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server...

9CVSS9.2AI score0.02401EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/08/17 4:3 p.m.13 views

CVE-2020-24220

ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server...

9.3AI score0.02401EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/08/13 2:59 a.m.17 views

CVE-2020-8716

Improper access control for some IntelR Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service via local access...

5.4AI score0.00303EPSS
Exploits0References2
CNVD
CNVD
added 2020/08/12 12:0 a.m.4 views

Multiple Vulnerabilities in JAVAPMS Portal Management System of Nanchang Zhengneng Information Technology Co.

JAVAPMS portal management system to SpringMVC + Spring + Hibernate + Freemarker + Html5 + jQuery for the technical core architecture , for individual webmasters , commercial enterprises , government agencies , educational institutions and other various units of the organization's information port...

7.1AI score
Exploits0
Rows per page
Query Builder