1369 matches found
freerdp: Integer overflow in region.c
A flaw was found in FreeRDP in versions between 1.0 and 2.0.0. An integer overflow was found in the region.c function which could allow an attacker the ability to control the RDP server as well as the data sent to the client. The highest threat from this vulnerability is to data confidentiality a...
JAVA Deserialization Remote Command Execution Vulnerability in UFIDA NC
UFIDA NC products are world-class high-end management software for group enterprises, with a market share that has reached the first in Asia Pacific among similar products, and have been applied in 8,000 group enterprises, with domestic users covering most critical infrastructure operating units....
Command Execution Vulnerability in Ocean CMS Backend (CNVD-2020-33133)
Ocean CMS is a web content management system based on PHP+MYSQL architecture that can run across platforms. A command execution vulnerability exists in the backend of Ocean CMS, which can be exploited by attackers to gain control of the web server...
File upload vulnerability in weiphp backend
WeiPHP is a convenient and scalable open source WeChat public platform development framework, using it you can easily build a own WeChat public platform. weiphp backend file upload vulnerability, attackers can use the vulnerability to upload malicious files, get server privileges...
Command Execution Vulnerability in XYHCMS of Kunming Yuntao Technology Co.
XYHCMS is a completely open source CMS content management system. A command execution vulnerability exists in XYHCMS by Kunming Yuntao Technology Co. An attacker can exploit the vulnerability to gain control of the server...
Command execution vulnerability exists in imcat (CNVD-2020-31503)
Intimate Cat imcat is a general-purpose website system designed in PHP+MySQL architecture. A command execution vulnerability exists in imcat. An attacker can exploit the vulnerability to gain control of the server...
Command execution vulnerability in SeaCMS backend ad***_pi***.php page
SeaCMS is a station building system based on PHP+MYSQL architecture and supports cross-platform operation. A command execution vulnerability exists in the adpi.php page in the background of SeaCMS. An attacker can exploit the vulnerability to gain control of the server...
File inclusion vulnerability in 115CMS backend In***.php file
115CMS is a content management system developed on ThinkPHP framework. A file inclusion vulnerability exists in the 115CMS backend In.php file. An attacker can exploit this vulnerability to upload arbitrary files and gain control of the web server...
File Containment Vulnerability in Cloud EC B2C Self-Hosted Version
Cloud EC e-commerce system hereinafter referred to as Cloud EC is a set of PHP + MYSQL-based open source e-commerce system software developed independently by Cloud MYSQL e-commerce Co. Cloud EC B2C Self-supporting version of the existence of file containment vulnerability, attackers can use the...
EyouCms suffers from file upload vulnerability (CNVD-2020-28083)
EyouCms is a free and open source enterprise content management system based on the TP5.0 framework as the core development. EyouCms has a file upload vulnerability that can be exploited by attackers to gain control of the web server...
File Upload Vulnerability in Liangjing Mall Online Shop Shopping System (CNVD-2020-28134)
Liangjing online store mall system is to small and medium-sized enterprises and individuals to quickly build a personalized online store, online store system. There is a file upload vulnerability in LiangJing Mall online store shopping system, which can be exploited by attackers to upload malicio...
File Upload Vulnerability in Wecenter of Shenzhen Weike Interactive Co.
WeCenter is an open source knowledge-based social Q&A community program that focuses on organizing, categorizing and retrieving community content and distributing it by connecting to WeChat public platforms, mobile APPs. A file upload vulnerability exists in Shenzhen WeCenter, which can be...
File upload vulnerability exists in CRMEB Open Edition V2.6.13.
CRMEB mall system is based on ThinkPhp6.0 + Vue development of a set of new retail mobile e-commerce system, CRMEB system is a set of customer relationship management + marketing e-commerce system, can quickly accumulate customers, member data analysis, intelligent conversion of customers,...
File Upload Vulnerability in SentCMS Web Management System
SentCMS website management system is a simple and easy-to-use website management system created by Nanchang Tengshu Technology Co. A file upload vulnerability exists in SentCMS, which can be exploited by attackers to upload scripts and gain control of the web server...
File Renaming Vulnerability in YidaCMS Website Management System Backend
YidaCMS website management system is a simple, practical and efficient website builder. A file renaming vulnerability exists in the background of YidaCMS website management system, which can be exploited by an attacker to gain control of the web server...
Command Execution Vulnerability in AdminSet
Adminset is a true fully automated Ops platform developed with Ops thinking in mind. AdminSet suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...
Logic Flaw Vulnerability in ETA CMS (CNVD-2020-26403)
ETA CMS is a simple, practical and efficient website builder. A logical flaw exists in EDA CMS, which can be exploited by an attacker to rename arbitrary files to gain control of the web server...
Command Execution Vulnerability in imcat Backend
imcat is a PHP-based open source website building system . imcat backend there is a command execution vulnerability, attackers can use the vulnerability to obtain control of the web server...
File Upload Vulnerability in Rmeeting Room Management System
Rmeeting Conference Room Management System is a system that provides meeting booking services for corporate meeting rooms, large conference centers, and hotel conference centers. A file upload vulnerability exists in the Rmeeting Conference Room Management System, which can be exploited by an...
Code Execution Vulnerability in ETA CMS (CNVD-2020-26413)
ETA CMS is a simple, practical and efficient website builder. A code execution vulnerability exists in EDA CMS, which can be exploited by an attacker to gain control of a web server...