10 matches found
CVE-2025-34045
A path traversal vulnerability exists in WeiPHP 5.0, an open source WeChat public account platform development framework by Shenzhen Yuanmengyun Technology Co., Ltd. The flaw occurs in the picUrl parameter of the /public/index.php/material/Material/downloadimgage endpoint, where insufficient inpu...
SQL Injection Vulnerability in Website Construction System of Guangzhou Daxun Yunshang Network Technology Co.
Guangzhou Daxun Yunshang Network Technology Co., Ltd. is a company mainly engaged in enterprises and institutions of Internet application services, website construction, mobile station, micro letter platform depth development, SEO website optimization and promotion of business. Guangzhou Daxun...
XML Entity Injection Vulnerability in the JeewxBoot WeChat Butler Platform
JeewxBoot WeChat Butler Platform is a free JAVA WeChat Butler Platform that supports WeChat public number, small program, WeChat third-party platforms, sweepstakes and so on. JeewxBoot WeChat Butler Platform suffers from an XML entity injection vulnerability, which can be exploited by attackers t...
Command execution vulnerability in weiphp Ad***.cl***.php
WeiPHP is an open source WeChat public platform development framework, can easily build a personal WeChat public account operation platform. A command execution vulnerability exists in weiphp Ad.cl.php, which can be exploited by attackers to gain server privileges...
WeiPHP suffers from an information leakage vulnerability
WeiPHP is an open source WeChat public platform development framework to build a personal WeChat public account operation platform. WeiPHP suffers from an information disclosure vulnerability. An attacker can exploit this vulnerability to obtain sensitive information...
Weiphp 5.0 beta frontend Ma***.php page has XSS vulnerability
WeiPHP is an open source WeChat public platform development framework, can easily build a personal WeChat public account operation platform. An XSS vulnerability exists in the Weiphp 5.0 beta frontend Ma.php page. An attacker can use this vulnerability to insert malicious js code to obtain user...
Microdistribution has a flawed logic vulnerability
Micro Distribution is a WeChat distribution platform tailored for businesses. Micro distribution has a logic flaw vulnerability, an attacker can use the vulnerability to overstep the right to modify the entire network of users' shipping address information...
WeiPHP 5.0beta frontend Us***.php has SQL injection vulnerability
WeiPHP is an open source WeChat public platform development framework, can easily build a personal WeChat public account operation platform. A SQL injection vulnerability exists in WeiPHP 5.0beta frontend at Us.php. Attackers can use this vulnerability to obtain sensitive database information...
Sichuan Jiayuan Electronic Technology Co., Ltd. has an overstepping access vulnerability in the Medjia Cloud
The MediKarma Cloud Platform is a forward-looking medical model solution under the "Internet+Medicine" model. Sichuan Jiayuan Electronic Technology Co., Ltd. medical good cloud WeChat registration platform there is an overstepping access vulnerability, the attacker can use the vulnerability to...
XSS Vulnerability in WeiPHP, an Open Source WeChat Public Platform Development Framework
WeiPHP is an easy to build, scalable open source WeChat public platform development framework, you can easily build a belong to their own WeChat public account operation platform. Open source WeChat public platform development framework WeiPHP index.php in the root directory exists an xss...