Command Execution Vulnerability in 4A Unified Security Control Platform of Beijing Qixingchen Information Security Technology Co.
Beijing Qixingchen Information Security Technology Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application service industry. A command execution vulnerability exists in the 4A Unified Security Control Platform of Beijing Qixingchen Information Security...
CVE-2023-32080
Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. This vulnerability can be used to gain access to the host system running Wings if a user is able to...
Command injection
Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. This vulnerability can be used to gain access to the host system running Wings if a user is able to...
CVE-2023-32080 Wings vulnerable to escape to host from installation container
Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. This vulnerability can be used to gain access to the host system running Wings if a user is able to...
Wings Security Vulnerability
Wings is the server control interface for Pterodactyl Panel. A security vulnerability exists in Wings versions prior to 1.7.5 and 1.11.6, which can be exploited by an attacker to gain access to the host...
Jedox 2022.4.2 Database Credential Disclosure
Exploit Title: Jedox 2022.4.2 - Disclosure of Database Credentials via Connection Checks Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47880...
Binary Vulnerability in GR1108-P of Xinhua San Technologies Ltd.
The GR1108-P is a Gigabit wireless enterprise-class routing device manufactured by Xinhua San Technologies H3C. A binary vulnerability exists in the Xinhua San Technologies GR1108-P, which can be exploited by an attacker to gain control of the server...
Purchase Order Management-1.0 - Local File Inclusion
Title: Purchase Order Management-1.0 - Local File Inclusion Author: nu11secur1ty Date: 03.06.2023 Vendor: https://www.sourcecodester.com/user/257130/activity Software: https://www.sourcecodester.com/php/14935/purchase-order-management-system-using-php-free-source-code.html Reference:...
The vulnerability of the control panel for servers and cloud services, CloudPanel, arises from the use of a hard-coded cryptographic key for the SSL certificate. This allows attackers to gain unauthorized access to protected information.
The vulnerability in CloudPanel, a control panel for servers and cloud services, lies in the use of a hard-coded cryptographic key for the SSL certificate. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
PT-2023-21048 · Sap · Sap Businessobjects Business Intelligence Platform
Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence Platform Web Services versions 420, 430 Description: The issue allows an attacker to control a malicious BOE server, forcing the application server to connect to its own admintools. This results in a...
Command Execution Vulnerability in Tianqing Hanma USG Firewall of Beijing Qixing Information Security Technology Co.
Tianqing Hanma USG Firewall is a new firewall series product launched by Qixing. There is a command execution vulnerability in Tianqing Hanma USG Firewall, which can be exploited by attackers to obtain server control privileges...
File Upload Vulnerability in DSS of Zhejiang Dahua Technology Co.
Zhejiang Dahua Technology Co., Ltd. is a video-centered intelligent IOT solution provider and operation service provider. A file upload vulnerability exists in the DSS of Zhejiang Dahua Technology Co. Ltd, which can be exploited by an attacker to gain server control privileges...
File upload vulnerability exists in DM8 of Wuhan Damon Database Co.(CNVD-2023-25024)
DM8 is a new generation of self-developed database launched by Damon on the basis of summarizing the R&D and application experience of DM series products and adhering to the concepts of open innovation, simplicity and practicality. DM8 of Wuhan Damon Database Co., Ltd. has a file upload...
CVE-2023-25168
Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with GHSA-p8r3-83r8-jwj5 to overwrite files on the host system. In order to use this exploit, an attacker must have an...
Design/Logic Flaw
Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with GHSA-p8r3-83r8-jwj5 to overwrite files on the host system. In order to use this exploit, an attacker must have an...
CVE-2023-25168 Symbolic Link (Symlink) Following allowing the deletion of files and directories on the host system in wings
Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with GHSA-p8r3-83r8-jwj5 to overwrite files on the host system. In order to use this exploit, an attacker must have an...
CVE-2023-25168
CVE-2023-25168 affects Pterodactyl Wings (server control plane). Description: UNIX Symbolic Link (Symlink) Following enables deletion of files/directories on the host when a server is allocated; may be used with GHSA-p8r3-83r8-jwj5 to overwrite host files. Root cause: symbolic link handling in Wi...