Lucene search
K

1369 matches found

Prion
Prion
added 2020/11/12 7:15 p.m.14 views

Unrestricted file upload

In Sentrifugo 3.2, users can share an announcement under "Organization - Announcements" tab. Also, in this page, users can upload attachments with the shared announcements. This "Upload Attachment" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload...

6.5CVSS8.6AI score0.01394EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/11/12 6:52 p.m.13 views

CVE-2020-26803

In Sentrifugo 3.2, users can upload an image under "Assets - Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server...

8.8AI score0.01394EPSS
Exploits1References1
CNVD
CNVD
added 2020/11/12 12:0 a.m.1 views

File Upload Vulnerability in XHCMS Backend

XHCMS is a version of a general-purpose cms system that supports full site static. There is a file upload vulnerability in the background of XHCMS, which can be exploited by attackers to obtain server control privileges...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/11/12 12:0 a.m.3 views

07FLY-CMS V1.1.4 has a file upload vulnerability

Zero Takeoff is a professional information technology service provider, mainly dedicated to the Internet basic business, website construction, management system, software customization, optimization and promotion, e-commerce operation and other comprehensive information technology services...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/11/11 12:0 a.m.1 views

Command Execution Vulnerability in NetEase Cloud Music (Windows Client) of Guangzhou NetEase Computer System Co.

NetEase Cloud Music is a music player that focuses on discovery and sharing. A command execution vulnerability exists in NetEase Cloud Music Windows client of Guangzhou NetEase Computer Systems Co. that can be exploited by an attacker to gain server control privileges...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/11/10 12:0 a.m.2 views

SQL Injection Vulnerability in bycms Content Management System

Beyoncms bycms content management system is a content management system. The bycms content management system suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to gain server control privileges...

8.2AI score
Exploits0
CNVD
CNVD
added 2020/11/09 12:0 a.m.1 views

Command Execution Vulnerability in WeCenter Admin Backend

WeCenter Social Knowledge Quiz System is a php quiz system developed with PHP+MySQL. A command execution vulnerability exists in the WeCenter administration backend. An attacker can exploit this vulnerability to gain control of the server...

7.3AI score
Exploits0
CNVD
CNVD
added 2020/11/09 12:0 a.m.1 views

File Upload Vulnerability in bloofoxCMS v0.5.1

bloofoxCMS is an open source, easy to use small content management system. A file upload vulnerability exists in bloofoxCMS v0.5.1. An attacker can exploit this vulnerability to upload a malicious php file in the user's avatar upload area to gain control of the web server...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/11/06 12:0 a.m.0 views

File upload vulnerability in MCms backend of Jiangxi Minsoft Technology Co. Ltd (CNVD-2020-64532)

Jiangxi Minsoft Technology Co., Ltd. business scope includes: information technology consulting services; Internet information services; computer software technology development and so on. Jiangxi Minsoft Technology Co., Ltd. MCms background file upload vulnerability, attackers can use the...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/11/06 12:0 a.m.1 views

File Upload Vulnerability in Microconsultation Communication System of Beijing Zhongwang Network Technology Co.

Founded in 2010 and headquartered in Beijing Zhongguancun Science and Technology Park, Beijing Zhongwang Network Technology Co., Ltd. is a high-tech enterprise dedicated to the research, development and innovation of multimedia communication technology. A file upload vulnerability exists in Beiji...

7AI score
Exploits0
CNVD
CNVD
added 2020/11/06 12:0 a.m.1 views

File upload vulnerability in MCms backend of Jiangxi Minsoft Technology Co.

Jiangxi Minsoft Technology Co., Ltd. business scope includes: information technology consulting services; Internet information services; computer software technology development and so on. Jiangxi Minsoft Technology Co., Ltd. MCms background file upload vulnerability, attackers can use the...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/11/05 12:0 a.m.1 views

Command execution vulnerability in PHPEMS backend (CNVD-2020-64558)

PHPEMS is an open source Chinese online examination system, the system is based on PHP for development, is a collection of online exams, video playback and other functions, on the operation of the simple domestic boutique system. PHPEMS backend command execution vulnerability , attackers can use...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/11/02 12:0 a.m.1 views

Command Execution Vulnerability in PHP Version of Rookie Enterprise Website System

Rookie enterprise website system PHP version is a PHP enterprise website system. Rookie Enterprise Website System PHP Edition has a command execution vulnerability that can be exploited by attackers to gain control of the server...

7.5AI score
Exploits0
CNVD
CNVD
added 2020/11/02 12:0 a.m.1 views

CupCMS suffers from SQL injection vulnerability (CNVD-2020-65196)

CupCMS is a content management system that integrates video, stars, news, comics, community and more. CupCMS suffers from a SQL injection vulnerability that can be exploited by attackers to gain control of the server...

8.3AI score
Exploits0
CNVD
CNVD
added 2020/10/29 12:0 a.m.0 views

Command Execution Vulnerability in XYHCMS of Kunming Yuntao Technology Co. Ltd (CNVD-2020-62733)

XYHCMS is a completely open source CMS content management system. A command execution vulnerability exists in XYHCMS by Kunming Yuntao Technology Co. An attacker can exploit the vulnerability to gain control of the server...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/10/28 12:0 a.m.1 views

Extreme PDF to WORD Command Execution Vulnerability

Extreme PDF to Word is a PDF to Word converter. Extreme PDF to WORD has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

7.5AI score
Exploits0
CNVD
CNVD
added 2020/10/28 12:0 a.m.3 views

Command Execution Vulnerability in Swift Apple Screen Recorder Wizard

Swift Apple Screen Recording Wizard is a cell phone cast screen recording software. A command execution vulnerability exists in Swift Apple Screen Recorder, which can be exploited by an attacker to gain control of the server...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/10/28 12:0 a.m.1 views

Command Execution Vulnerability in Xunjie PDF Converter

Swift PDF Converter can realize the conversion of a variety of office document formats, including PDF to Word, PPT, Excel, HTML, TXT, images and so on. Swift PDF Converter has a command execution vulnerability that can be exploited by attackers to gain control of the server...

7.5AI score
Exploits0
CNVD
CNVD
added 2020/10/28 12:0 a.m.1 views

Command Execution Vulnerability in Swift Flowchart

Xunjie Flowchart Maker is a flowchart drawing tool. The software can be used to draw business flowcharts, program flowcharts, organization charts, workflow charts and so on for various professions. Swift Flowchart has a command execution vulnerability that can be exploited by an attacker to gain...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/10/28 12:0 a.m.1 views

Command Execution Vulnerability in Quick Thinking Maps for Windows

Xunjie Mind Mapping is a computer mind mapping software, which can draw business flow charts, organization charts, data flow charts, program flow charts, etc. It supports custom drawing operations and so on. A command execution vulnerability exists in Swift Mind Mapping for Windows, which can be...

7.4AI score
Exploits0
Rows per page
Query Builder