10 matches found
Splashtop Streamer 安全漏洞
Splashtop Streamer is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Streamer prior to version 3.7.0.0, which originates from the MSI installer using a temporary folder with weak privileges during installation. An attacker could exploi...
Zyxel CloudCNM SecuManager 安全漏洞
Zyxel CloudCNM SecuManager is a set of network management software from Taiwan, China-based Zyxel. The software supports centralized control, device management and intelligent monitoring. A security vulnerability exists in Zyxel CloudCNM SecuManager version 3.1.0 and 3.1.1, which originates from...
CVE-2022-26676
aEnrich a+HRD has inadequate privilege restrictions, an unauthenticated remote attacker can use the API function to upload and execute malicious scripts to control the system or disrupt service...
Cpanel 信息泄露漏洞
cPanel is a set of Web-based host control management system of the U.S. cPanel. An information disclosure vulnerability exists in cPanel versions prior to 96.0.8. The vulnerability stems from weak privileges on web statistics. An attacker can exploit this vulnerability to obtain information...
Autodesk Licensing Services 访问控制错误漏洞
Autodesk Licensing Services is a licensing service of the American company Autodesk. An Access Control Error vulnerability exists in Autodesk Licensing Services, which originates from a malicious user with restricted privileges can run any number of tools on the system to identify services...
CVE-2020-13534
A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers CLSID, installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a malicious file to trigger...
CVE-2020-13534
A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers CLSID, installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a malicious file to trigger...
Privilege escalation
A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers CLSID, installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a malicious file to trigger...
CuteNews 2.1.2 Authenticated Shell Upload
Exploit Title: CuteNews 2.1.2 - Authenticated Arbitrary File Upload Date: 2020-05-12 Author: Vigov5 - SunCSR Team Vendor Homepage: https://cutephp.com Software Link: https://cutephp.com/click.php?cutenewslatest Version: v2.1.2 Tested on: Ubuntu 18.04 / Kali Linux Description:...
cPanel Authorization Issues Vulnerability (CNVD-2019-36124)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An authorization issue vulnerability exists in cPanel. An attacker can exploit this vulnerability to create the cpdavderrorlog fi...