File Upload Vulnerability in ShopXO v1.5.0

ShopXO is an open source enterprise-level open source e-commerce system. A file upload vulnerability exists in ShopXO v1.5.0. Allows attackers to upload webshell and gain server privileges...

File Upload Vulnerability in Website Management System of Kunshan Unicom Technology

Kunshan U-Net Information Technology Co., Ltd. is a website design company that integrates website construction with visual design development and brand online marketing promotion. A file upload vulnerability exists in the website management system of Kunshan YouNET Technology. An attacker can us...

File upload vulnerability in Tongda OA 2015, 2016 Of***.php file

Ltd. is subordinate to China National Weapons Industry Information Center CNWIIC, which is referred to as Tongda Xinke. It is a high-tech team with the main business of collaborative management software development and implementation, service and consulting. A file upload vulnerability exists in...

CVE-2019-12803

In Hunesion i-oneNet version 3.0.7 3.0.53 and 4.0.4 4.0.16, the specific upload web module doesn't verify the file extension and type, and an attacker can upload a webshell. After the webshell upload, an attacker can use the webshell to perform remote code exection such as running a system comman...

File Upload Vulnerability in MetInfo Version 6.2.0

MetInfo adopts PHP + Mysql architecture, which is a cms building system for enterprise website construction. A file upload vulnerability exists in MetInfo version 6.2.0. It allows attackers to upload webshell and gain server privileges...

File upload vulnerability in the file li***_ed***.php of the backend management system of Acme CMS

Acme CMS is a CMS builder using PHP + Mysql architecture, multi-language, responsive display, suitable for personal website construction. There is a file upload vulnerability in the file lied.php in the background management system of Acme CMS. Attackers can use the vulnerability to upload webshe...

File upload vulnerability in the vi***_ed***.php file of the backend management system of Acme CMS

Acme CMS is a CMS builder using PHP + Mysql architecture, multi-language, responsive display, suitable for personal website construction. There is a file upload vulnerability in the vied.php file in the background management system of Acme CMS. Attackers can use the vulnerability to upload webshe...

File upload vulnerability in tx***_fi***.php file in TextpatternCMS backend

TextpatternCMS is a content management system written in PHP. A file upload vulnerability exists in the txfi.php file in the backend of TextpatternCMS. It allows an attacker to upload a webshell and gain server privileges...

File Upload Vulnerability in QCMS 3.0.1 Backend

QCMS website management system is a PHP lightweight system developed through MVC architecture. A file upload vulnerability exists in QCMS version 3.0.1. An attacker can exploit the vulnerability to forge bypass the background login, upload webshell, and gain server privileges...

File upload vulnerability in OFCMS backend ueditor uploadFIle

OFCMS is a content management system developed based on java technology. There is a file upload vulnerability in OFCMS backend ueditor uploadFIle, which can be exploited by attackers to upload webshell and gain server privileges, posing information leakage and operational security risks...

OFCMS background upload file upload vulnerability

OFCMS is a content management system developed based on java technology. There is a file upload vulnerability in OFCMS background upload, which can be exploited by attackers to upload webshell and gain server privileges, posing information leakage and operational security risks...

OFCMS backend ueditor uploadImage file upload vulnerability

OFCMS is a content management system developed based on java technology. There is a file upload vulnerability in OFCMS backend ueditor uploadImage, which can be exploited by attackers to upload webshell and gain server privileges, posing information leakage and operational security risks...

OFCMS backend editUploadImage method has file upload vulnerability

OFCMS is a content management system developed based on java technology. A file upload vulnerability exists in the editUploadImage method in the background of OFCMS, which can be exploited by an attacker to upload a webshell and gain access to the server, posing an information leakage and...

WordPress Plugin Monsters-Editor-10-For-WP-Super-Edit Remote Upload Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A remote upload vulnerability exists in the WordPress plugin Monsters-Editor-10-For-WP-Super-Edit. Allows an attacker to uplo...

zzzcms v1.5.8 arbitrary file upload vulnerability in background zzz***.php file

zzcms is a free website builder developed in asp language. zzzcms v1.5.8 background zzz.php file exists arbitrary file upload vulnerability. Allow attackers to upload webshell and gain server privileges...

Multiple loopholes in the cadre online learning platform of Hangzhou Elite Online Education Technology Co.

Hangzhou Elite Online Education Technology Co., Ltd. is a brand of cadre online learning, and has successfully built large-scale cadre education platforms for leading cadres of many organization ministries and other organs in China, providing solutions for all-round intelligent learning. There is...

DocCms 2016 version has a file upload vulnerability at the backend templates

DocCMS rice husk enterprise building system, also known as rice husk cms, doccms, formerly known as deep throat enterprise building system ShlCms, is the industry's leading free open source enterprise website building system, enterprise website generation system. DocCms 2016 version of the file...

Arbitrary File Upload Vulnerability in the Frontend of Online Training System of Beijing Xinqi Technology Co.

Beijing Xinqi Technology Co., Ltd. is a technical service enterprise specializing in the research and development of training management software. An arbitrary file upload vulnerability exists in the frontend of the online training system of Beijing Xinqi Technology Co. The vulnerability allows a...

File Upload Vulnerability in Laoban CMS Backend

Laoban CMS content management system referred to as: Laoban CMS is developed by Laoban based on PHP + MYSQL environment of the open source station-building system. File upload vulnerability exists in the background of Laoban CMS. It allows attackers to upload webshell and gain server privileges...

Hefei City, a new software development limited liability company a new housing provident fund series of software with ultra vires access vulnerability

Hefei City, a new software development limited liability company is a computer software development, promotion and provide business management consulting services based on high-tech companies. A vulnerability exists in the Hefei Yixin Software Development Limited Liability Company's Yixin Housing...