CVE-2021-43117

fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access...

Design/Logic Flaw

fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access...

CVE-2021-43117

fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access...

fastadmin 代码问题漏洞

fastadmin is a set of ThinkPHP and Bootstrap-based web backend development framework. fastadmin has a security vulnerability that stems from the fact that Fastadmin v1.2.1 is affected by a file upload vulnerability that allows execution of arbitrary code via shell access. No details of the...

Victure WR1200信任管理问题漏洞

Victure WR1200 is a router. Victure WR1200 1.0.3 and prior versions are vulnerable to trust management issues, which can be exploited by attackers to gain control of the device via SSH...

CVE-2021-40520

Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials...

phpok Arbitrary File Write Vulnerability

phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. An arbitrary file write vulnerability exists in the editsavef function in framework/admin/tplcontrol.php in phpok version 5.1. An attacker can exploit this vulnerability to wri...

CVE-2020-18439

An issue was discoverered in in function editsavef in framework/admin/tplcontrol.php in qinggan phpok 5.1, allows attackers to write arbitrary files or get a shell...

Design/Logic Flaw

An issue was discoverered in in function editsavef in framework/admin/tplcontrol.php in qinggan phpok 5.1, allows attackers to write arbitrary files or get a shell...

CVE-2020-18439

An issue was discoverered in in function editsavef in framework/admin/tplcontrol.php in qinggan phpok 5.1, allows attackers to write arbitrary files or get a shell...

CVE-2020-18439

CVE-2020-18439 affects the PHP-based system phpok (version 5.1). The vulnerability is in the function edit_save_f within framework/admin/tpl_control.php , described across multiple sources as allowing an attacker to write arbitrary files or obtain a shell on the host. Several connected records (e...

qinggan phpok 代码问题漏洞

phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. An arbitrary file write vulnerability exists in the editsavef function in framework/admin/tplcontrol.php in phpok version 5.1. An attacker can exploit this vulnerability to wri...

YouTube Video Grabber 1.9.9.1 Buffer Overflow

Exploit Title: YouTube Video Grabber 1.9.9.1 - Buffer Overflow SEH Date: 01.11.2021 Software Link: https://www.litexmedia.com/ytgrabber.exe Exploit Author: Achilles Tested Version: 1.9.9.1 Tested on: Windows 7 64bit 1.- Run python code : YouTube.py 2.- Open EVIL.txt and copy All content to...

CVE-2021-31356

A command injection vulnerability in command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allows an...

Exploit for Incorrect Default Permissions in Vmware Cloud_Foundation

CVE-2022-22948 Information Disclosure in VMWare vCenter -...

Design/Logic Flaw

emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to getshell via a crafted Zip file...

CVE-2020-21654

Affected software: emlog v6.0. Vulnerability: A flaw in the admin\template.php component allows an attacker to obtain a shell by crafting a malicious ZIP file. This is linked to improper validation of uploaded ZIPs. Impact: Remote code execution with high severity potential due to arbitrary shell...

CVE-2021-25473

Assuming a shell privilege is gained, an improper exception handling for multisimbarhidebymeadiafull value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset...

Emlog 安全漏洞

Emlog is a PHP and MySQL based CMS builder by the individual developers of Emlog. A security vulnerability exists in Emlog, which is caused by a failure of the product's admin emplate.php to adequately validate user uploaded zip files. The vulnerability can be exploited to obtain a shell, the...

Backdoor.Win32.WinterLove.i Hardcoded Credential

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c6c81e8ba0a7b9da6216a78dfeccec8d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.WinterLove.i Vulnerability: Hardcoded Weak Password Description: The WinterLove malwa...