Lucene search
K

1369 matches found

CNVD
CNVD
added 2021/02/19 12:0 a.m.2 views

File Upload Vulnerability in VisualField SC***.exe Component at Zhejiang ZDZ Information Technology Co.

VisualField VF for short system software is a software package for control system configuration and monitoring for the ECS-700 system. A file upload vulnerability exists in the VisualField SC.exe component of Zhejiang ZDAC Information Technology Co. Ltd, which can be exploited by an attacker to...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/02/19 12:0 a.m.2 views

Command Execution Vulnerability in Douxin of Shenzhen Renxin Technology Co.

Douxin is a WeChat open framework developed by Shenzhen Renxin Technology Co. A command execution vulnerability exists in Shenzhen RenWant Technology Limited Douxin, which can be exploited by an attacker to gain control of a web server...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/02/18 12:0 a.m.5 views

Code Execution Vulnerabilities in Knight CMS Backend of Taiyuan Xunyi Technology Co.

Knight CMS is a free and open source professional recruitment system based on PHP MYSQL as the core development. Taiyuan Xunyi Technology Co., Ltd. Knight CMS code execution vulnerabilities exist in the background. Attackers can exploit the vulnerability to obtain control of the server...

7.8AI score
Exploits0
OSV
OSV
added 2021/02/17 3:15 p.m.5 views

CVE-2020-35339

In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server...

9.8CVSS7.8AI score
Exploits0References2
Prion
Prion
added 2021/02/17 3:15 p.m.23 views

Remote code execution

In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server...

7.5CVSS9.7AI score0.04414EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/02/17 2:32 p.m.60 views

CVE-2020-35339

CVE-2020-35339 affects 74CMS version 5.0.1. A remote code execution vulnerability exists in the files /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php, allowing an attacker to obtain server permissions and control the server. The issue is documented with...

9.8CVSS9.7AI score0.04414EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2021/02/12 12:0 a.m.3 views

Chengdu Zero Takeoff Network 07FLY-CRM V1 Exists File Upload Vulnerability

07FLY-CRM is zero take-off network development , based on the GPLv3 agreement issued for small and medium-sized management activities , to provide customer relationship management CRM, sales and marketing inventory JXC, human resources HRM, logistics office supplies, fixed assets, public...

7.1AI score
Exploits0
CNVD
CNVD
added 2021/02/12 12:0 a.m.2 views

Command Execution Vulnerability in Chengdu Zero Takeoff Network 07FLY-CRM V1

07FLY-CRM is zero take-off network development , based on the GPLv3 agreement issued for small and medium-sized management activities , to provide customer relationship management CRM, sales and marketing inventory JXC, human resources HRM, logistics office supplies, fixed assets, public...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/02/11 12:0 a.m.2 views

File Upload Vulnerability in Zero Takeoff Customer Relationship Management System

Chengdu Zero Takeoff Network is an information service provider, mainly dedicated to the Internet basic business, website construction, management system, software customization, optimization and promotion, e-commerce operations and other full range of information technology services. There is a...

7.2AI score
Exploits0
CNVD
CNVD
added 2021/02/10 12:0 a.m.3 views

XML Entity Injection Vulnerability in Training and Exam System of Beijing Yunfan Internet Technology Co.

Beijing Yunfan Internet Technology Co., Ltd. business scope includes: technology development, technology promotion, technology transfer, technology consulting, technical services and so on. Beijing Yunfan Internet Technology Co., Ltd. training and examination system exists XML entity injection...

7.2AI score
Exploits0
CNVD
CNVD
added 2021/02/10 12:0 a.m.4 views

Windows Defender AMSI has a binary vulnerability

Microsoft English name: Microsoft; Chinese name: Microsoft Corporation or American Microsoft Corporation is an American multinational technology company that focuses on the business of developing, manufacturing, licensing, and providing a wide range of computer software services. A binary...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/02/09 12:0 a.m.4 views

Command Execution Vulnerability in Kingdee KIS Flagship Edition of Kingdee Software Ltd.

Kingdee KIS is an ERP software. A command execution vulnerability exists in Kingdee KIS Flagship Edition of Kingdee Software Limited, which can be exploited by an attacker to gain server control privileges...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/02/09 12:0 a.m.2 views

File Upload Vulnerability in E-office OA Self-service Platform of Shanghai Panmicro Network Technology Co.

E-office OA self-service platform is a professional collaborative OA software for small and medium-sized organizations. A file upload vulnerability exists in the E-office OA self-service platform of Shanghai Panmicro Network Technology Co., Ltd. that can be exploited by an attacker to gain contro...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/02/08 12:0 a.m.3 views

File Upload Vulnerability in We7 CMS

We7 CMS is a content management system based on asp.net development. A file upload vulnerability exists in We7 CMS, which can be exploited by an attacker to gain server control privileges...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/02/08 12:0 a.m.2 views

Ltd. into the cloud cms there are file upload vulnerability

Shenzhen Jin Yun Software Technology Co., Ltd. mainly provides services such as Internet software development, including mobile APP, mobile webpage, WeChat public platform services, cloud services and so on. Ltd. into the cloud cms file upload vulnerability, attackers can use the vulnerability to...

7.1AI score
Exploits0
CNVD
CNVD
added 2021/02/08 12:0 a.m.1 views

File Uploading Vulnerability in the Web-based Training Platform of Beijing Boswell Information Technology Co.

Ltd. is one of the "one-stop" providers of e-learning, online examination and knowledge management software products and their total solutions. A file upload vulnerability exists in the online training platform of Beijing Boshiway Information Technology Co., Ltd, which can be exploited by attacke...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/02/07 12:0 a.m.2 views

File Upload Vulnerability in Ticketmaster ERP Management System of Shanghai Shengdai Information Technology Co.

Ticketmaster ERP Management System is a specialized ticket management system for airline ticketing agents. A file upload vulnerability exists in the Ticketmaster ERP Management System of Shanghai Shengdai Information Technology Company Limited, which can be exploited by an attacker to gain contro...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/02/06 12:0 a.m.3 views

Command Execution Vulnerability in JTopCMS Backend of Hefei Mingjing Information Technology Co.

JTopCMS is based on the JavaEE standard , used to manage site content of the open source web management system . Hefei Mingjing Information Technology Co., Ltd. JTopCMS back-end command execution vulnerability, attackers can use the vulnerability to obtain control of the web server...

7.2AI score
Exploits0
CNVD
CNVD
added 2021/02/05 12:0 a.m.4 views

File Upload Vulnerability in ShopXO

ShopXO is an open source enterprise-level open source e-commerce system. ShopXO has a file upload vulnerability that can be exploited by an attacker to gain control of the web server...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/02/05 12:0 a.m.3 views

Command Execution Vulnerability in GOCLOUD-ISP1000 and GOCLOUD-ISP2000

Shanghai Guoyun Information Technology Co., Ltd. is a provider of intelligent network products and services. A command execution vulnerability exists in GOCLOUD-ISP1000 and GOCLOUD-ISP2000, which can be exploited by an attacker to gain control of a web server...

7.5AI score
Exploits0
Rows per page
Query Builder