1369 matches found
File Upload Vulnerability in IC Space Management System
IC Space Management System is a library IC space management system developed by Hangzhou Lianchuang Information Technology Co. IC Space Management System has a file upload vulnerability that can be exploited by an attacker to gain control of the web server...
Code Execution Vulnerability in E-House CMS
E-House cms real estate website system is mainly for the real estate industry development of real estate website system, to thinkphp5.0 as the core development. E-House CMS has a code execution vulnerability that can be exploited by attackers to inject malicious code and execute it to gain contro...
File upload vulnerability in Billing Master Ke***.cl***.php page
Billing Master is the first provider of real estate management system and housing management system source code, the system has a full-featured listings of customer management. Ke.cl.php page has a file upload vulnerability that can be exploited by an attacker to gain control of the server...
Cross-Site Scripting
Overview Versions of @novnc/novnc prior to 0.6.2 are vulnerable to Cross-Site Scripting XSS. The package fails to validate input from the remote VNC server such as the VNC server name. This allows an attacker in control of the remote server to execute arbitrary JavaScript in the noVNC web page. I...
Code Execution Vulnerability in TurboMail
TurboMail is developed by Guangzhou Topo Software Technology Co., Ltd. for the enterprise and public institution communication needs and the development of e-mail server system. TurboMail code execution vulnerability, an attacker can use this vulnerability to obtain control of the web server...
Jspxcms has a file upload vulnerability (CNVD-2019-40540)
Jspxcms is a scalable enterprise-class open source web content management system CMS. Jspxcms has a file upload vulnerability that can be exploited by an attacker to gain control of the web server...
File Upload Vulnerability in LJCMS
LJCMS is a free and open source content management system. LJCMS suffers from a file upload vulnerability that can be exploited by an attacker to gain control of a web server...
Code Execution Vulnerability in ShopXO
ShopXO is an open source enterprise-level open source e-commerce system. A code execution vulnerability exists in ShopXO, which can be exploited by an attacker to gain control of a web server...
Remote Desktop Client Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs;...
Command Execution Vulnerability in Xunrui CMS (CNVD-2019-33541)
Xunrui CMS content management framework is based on PHP7 language using the latest CodeIgniter4 as a development framework for the production of web content management framework, providing "computer site + mobile site + APP interface" integrated web technology solutions. There is a command...
Code Execution Vulnerability in Thunderwind Movie CMS (CNVD-2019-33540)
Thunderwind Movie CMS is a PHP based THINKPHP3.2.3 framework development, suitable for all kinds of video, film and television websites, film and television content management program. Thunderwind CMS has a code execution vulnerability that can be exploited by attackers to gain control of the web...
CVE-2019-10666
An issue was discovered in LibreNMS through 1.47. Several of the scripts perform dynamic script inclusion via the include function on user supplied input without sanitizing the values by calling basename or a similar function. An attacker can leverage this to execute PHP code from the included...
File Upload Vulnerability in OKLite 1.2.25
OKLite is a business building system. A file upload vulnerability exists in OKLite 1.2.25, which can be exploited by attackers to gain control of a web server...
File Upload Vulnerability in Website Building System of Guangzhou LEAFCO Network Technology Co.
Ltd. is a website design company that provides website application system, mobile APP application system and WeChat public number for enterprise users. A file upload vulnerability exists in the website building system of Guangzhou LEAF Network Technology Co., Ltd, which can be exploited by an...
Code Execution Vulnerability in OpenSNS
OpenSNS is a lightweight social user center framework based on OneThink. The system adheres to a minimalist design style and focuses on communication. A code execution vulnerability exists in OpenSNS, which can be exploited by an attacker to gain control of the web server...
File Upload Vulnerability in HadSky Light Forum System
HadSky Light Forum System is a free and open forum system for individual users. A file upload vulnerability exists in the HadSky Light Forum System, which can be exploited by an attacker to gain control of the web server...
Open redirect
All versions of the HTTPie package prior to version 1.0.3 are vulnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current directory, by redirecting a request from HTTP to a crafted URL pointing to a server in his or hers control...
Code execution vulnerability exists in DouPHP (CNVD-2019-29926)
DouPHP is a lightweight enterprise website management system based on PHP+Mysql architecture, running on various platforms such as Linux, Windows, MacOSX, Solaris and so on. DouPHP has a code execution vulnerability that can be exploited by attackers to gain control of the web server...
Command Execution Vulnerability in DouPHP BLOG
DouPHPBLOG1.5 is a lightweight enterprise website management system, based on PHP+Mysql architecture, running on Linux, Windows, MacOSX, Solaris and other platforms. DouPHPBLOG1.5 suffers from a code execution vulnerability that can be exploited by an attacker to gain control of the server...
Medical Virtual Simulation Teaching Experiment Platform Frontend in File Upload Vulnerability
Medical virtual simulation teaching experiment platform system is a virtual reality system with computer virtual reality and digital simulation technology as the core, biosimulation engine, processing factor database, virtual environment interface and other technologies as the support. Learning...