1369 matches found
Unrestricted file upload
In Sentrifugo 3.2, users can share an announcement under "Organization - Announcements" tab. Also, in this page, users can upload attachments with the shared announcements. This "Upload Attachment" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload...
CVE-2020-26803
In Sentrifugo 3.2, users can upload an image under "Assets - Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server...
File Upload Vulnerability in XHCMS Backend
XHCMS is a version of a general-purpose cms system that supports full site static. There is a file upload vulnerability in the background of XHCMS, which can be exploited by attackers to obtain server control privileges...
07FLY-CMS V1.1.4 has a file upload vulnerability
Zero Takeoff is a professional information technology service provider, mainly dedicated to the Internet basic business, website construction, management system, software customization, optimization and promotion, e-commerce operation and other comprehensive information technology services...
Command Execution Vulnerability in NetEase Cloud Music (Windows Client) of Guangzhou NetEase Computer System Co.
NetEase Cloud Music is a music player that focuses on discovery and sharing. A command execution vulnerability exists in NetEase Cloud Music Windows client of Guangzhou NetEase Computer Systems Co. that can be exploited by an attacker to gain server control privileges...
SQL Injection Vulnerability in bycms Content Management System
Beyoncms bycms content management system is a content management system. The bycms content management system suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to gain server control privileges...
Command Execution Vulnerability in WeCenter Admin Backend
WeCenter Social Knowledge Quiz System is a php quiz system developed with PHP+MySQL. A command execution vulnerability exists in the WeCenter administration backend. An attacker can exploit this vulnerability to gain control of the server...
File Upload Vulnerability in bloofoxCMS v0.5.1
bloofoxCMS is an open source, easy to use small content management system. A file upload vulnerability exists in bloofoxCMS v0.5.1. An attacker can exploit this vulnerability to upload a malicious php file in the user's avatar upload area to gain control of the web server...
File upload vulnerability in MCms backend of Jiangxi Minsoft Technology Co. Ltd (CNVD-2020-64532)
Jiangxi Minsoft Technology Co., Ltd. business scope includes: information technology consulting services; Internet information services; computer software technology development and so on. Jiangxi Minsoft Technology Co., Ltd. MCms background file upload vulnerability, attackers can use the...
File Upload Vulnerability in Microconsultation Communication System of Beijing Zhongwang Network Technology Co.
Founded in 2010 and headquartered in Beijing Zhongguancun Science and Technology Park, Beijing Zhongwang Network Technology Co., Ltd. is a high-tech enterprise dedicated to the research, development and innovation of multimedia communication technology. A file upload vulnerability exists in Beiji...
File upload vulnerability in MCms backend of Jiangxi Minsoft Technology Co.
Jiangxi Minsoft Technology Co., Ltd. business scope includes: information technology consulting services; Internet information services; computer software technology development and so on. Jiangxi Minsoft Technology Co., Ltd. MCms background file upload vulnerability, attackers can use the...
Command execution vulnerability in PHPEMS backend (CNVD-2020-64558)
PHPEMS is an open source Chinese online examination system, the system is based on PHP for development, is a collection of online exams, video playback and other functions, on the operation of the simple domestic boutique system. PHPEMS backend command execution vulnerability , attackers can use...
Command Execution Vulnerability in PHP Version of Rookie Enterprise Website System
Rookie enterprise website system PHP version is a PHP enterprise website system. Rookie Enterprise Website System PHP Edition has a command execution vulnerability that can be exploited by attackers to gain control of the server...
CupCMS suffers from SQL injection vulnerability (CNVD-2020-65196)
CupCMS is a content management system that integrates video, stars, news, comics, community and more. CupCMS suffers from a SQL injection vulnerability that can be exploited by attackers to gain control of the server...
Command Execution Vulnerability in XYHCMS of Kunming Yuntao Technology Co. Ltd (CNVD-2020-62733)
XYHCMS is a completely open source CMS content management system. A command execution vulnerability exists in XYHCMS by Kunming Yuntao Technology Co. An attacker can exploit the vulnerability to gain control of the server...
Extreme PDF to WORD Command Execution Vulnerability
Extreme PDF to Word is a PDF to Word converter. Extreme PDF to WORD has a command execution vulnerability that can be exploited by an attacker to gain control of the server...
Command Execution Vulnerability in Swift Apple Screen Recorder Wizard
Swift Apple Screen Recording Wizard is a cell phone cast screen recording software. A command execution vulnerability exists in Swift Apple Screen Recorder, which can be exploited by an attacker to gain control of the server...
Command Execution Vulnerability in Xunjie PDF Converter
Swift PDF Converter can realize the conversion of a variety of office document formats, including PDF to Word, PPT, Excel, HTML, TXT, images and so on. Swift PDF Converter has a command execution vulnerability that can be exploited by attackers to gain control of the server...
Command Execution Vulnerability in Swift Flowchart
Xunjie Flowchart Maker is a flowchart drawing tool. The software can be used to draw business flowcharts, program flowcharts, organization charts, workflow charts and so on for various professions. Swift Flowchart has a command execution vulnerability that can be exploited by an attacker to gain...
Command Execution Vulnerability in Quick Thinking Maps for Windows
Xunjie Mind Mapping is a computer mind mapping software, which can draw business flow charts, organization charts, data flow charts, program flow charts, etc. It supports custom drawing operations and so on. A command execution vulnerability exists in Swift Mind Mapping for Windows, which can be...