Apache Commons Configuration 代码注入漏洞

Apache Commons is a project of the Apache Software Foundation. Apache Commons is vulnerable to a remote code execution vulnerability that could be exploited by attackers to execute malicious code via injection attacks, write webshells to websites, and take control of entire websites or even serve...

CVE-2022-34878

SQL Injection vulnerability in User Stats interface /vicidial/userstats.php of VICIdial via the filedownload parameter allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and beco...

Pea pod app has janus vulnerability

PeaPod is a download marketplace that provides green and safe apps and games. A janus vulnerability exists in the Pea Pod app, which can be exploited by an attacker to gain control of the server...

ClassCMS has a code execution vulnerability

ClassCMS is a content management system. ClassCMS suffers from a code execution vulnerability that could be exploited by attackers to gain control of the server...

CVE-2022-29257 Electron's AutoUpdater module fails to validate certain nested components of the bundle

Electron is a framework for writing cross-platform desktop applications using JavaScript JS, HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafte...

Command Execution Vulnerability in the Operation and Maintenance Audit System of Beijing COSCO Kirin Technology Co. Ltd (CNVD-2022-53245)

COSCO KyLin Technology Co., Ltd. is a R&D-oriented software development company, the company's main products are COSCO KyLin Barrier Machine, KyLin SSL VPN, KyLin Dynamic Password System, KyLin Cloud Desktop and so on. Our main products are COSCO Kirin SSL VPN, Kirin Dynamic Password System, Kiri...

Binary vulnerability in vim (CNVD-2022-50690)

Vim is a cross-platform text editor. A binary vulnerability exists in vim, which can be exploited by an attacker to gain control of a server...

Binary vulnerability in vim (CNVD-2022-50689)

Vim is a cross-platform text editor. A binary vulnerability exists in vim, which can be exploited by an attacker to gain control of a server...

Binary vulnerability in vim (CNVD-2022-50691)

Vim is a cross-platform text editor. A binary vulnerability exists in vim, which can be exploited by an attacker to gain control of a server...

Binary Vulnerability in EX300_V2 of Gion Electronics (Shenzhen) Co.

EX300V2 is a repeater from Gion Electronics Shenzhen Co. A binary vulnerability exists in the EX300V2 of Gion Electronics Shenzhen Co. Ltd. that can be exploited by an attacker to gain control of a server...

MingSoft MCMS 代码问题漏洞

MCMS is a java-based development of a lightweight open source content management system . Jiangxi Mingsoft Technology Co., Ltd MCMS file upload vulnerability, an attacker can use the vulnerability to obtain control of the server...

Command Execution Vulnerability in Pisces Hotspot Gateway

Pisces Hotspot Gateway is a gateway product. A command execution vulnerability exists in Pisces Hotspot Gateway that can be exploited by an attacker to gain control of a server...

Vim 缓冲区错误漏洞

Vim is a cross-platform text editor. A binary vulnerability exists in vim, which can be exploited by an attacker to gain control of a server...

Command Execution Vulnerability in WoSmart Top Shop Mall System

Zhejiang WoSmith Information Technology Co., Ltd. is a technology company specializing in mobile Internet technology development. There is a command execution vulnerability in WoSmith's list store mall system, which can be exploited by an attacker to gain control of the server...

Binary Vulnerability in D-Link DIR-890L

The D-Link DIR-890L is a wireless router. A binary vulnerability exists in the D-Link DIR-890L, which can be exploited by an attacker to gain control of the server...

File upload vulnerability exists in the security management system of Centrin JingYun terminal of Beijing Centrin Link Information Technology Co.

Ltd. is a company whose business scope includes Internet information services; technology development, technology services, technology transfer, technology consulting, etc. Beijing Centrin Link Information Technology Co., Ltd. Centrin King Cloud Terminal Security Management System has a file uplo...

CVE-2022-30007

GXCMS V1.5 has a file upload vulnerability in the background. The vulnerability is the template management page. You can edit any template content and then rename to PHP suffix file, after calling PHP file can control the server...

CVE-2022-30007

GXCMS V1.5 has a file upload vulnerability in the background. The vulnerability is the template management page. You can edit any template content and then rename to PHP suffix file, after calling PHP file can control the server...

Design/Logic Flaw

GXCMS V1.5 has a file upload vulnerability in the background. The vulnerability is the template management page. You can edit any template content and then rename to PHP suffix file, after calling PHP file can control the server...

CVE-2022-30007

GXCMS V1.5 has a file upload vulnerability in the background. The vulnerability is the template management page. You can edit any template content and then rename to PHP suffix file, after calling PHP file can control the server...