CwCms v1.8 Exists Arbitrary File Write Vulnerability

CwCMS is a customized ASP+Access/MsSql content management system specifically designed for corporate websites. CwCms v1.8 version of the existence of arbitrary file write vulnerability, the vulnerability is due to the system to write the content of the file and file path failed to effectively...

Aisook building system v2.1 exists arbitrary file writing vulnerability

Aisook building system is a php + mysql development, based on CodeIgniter main enterprise building system. Aisook building system v2.1 there are arbitrary file writing vulnerability, the vulnerability is due to the system on the file path and write the file content failed to effectively filter. T...

Code Execution Vulnerability in WANCMS v1.0

WANCMS is a content management system that uses php+mysql program source code. A code execution vulnerability exists in WANCMS v1.0 due to the system failing to effectively filter some input parameter values. An attacker can exploit this vulnerability to upload a Trojan horse file and obtain a...

Code Execution Vulnerability in SchoolCMS v2.3

SchoolCMS is a school teaching management system based on PHP+MySQL. A code execution vulnerability exists in SchoolCMS v2.3, which is due to the system failing to effectively filter some of the input parameter values. An attacker can exploit this vulnerability to upload a Trojan horse file and...

Code Execution Vulnerability in LvyeCms Version v3.1

LvyeCms 旅烨cms is a php content management system based on ThinkPHP. A code execution vulnerability exists in LvyeCms v3.1, which is caused by the system failing to adequately filter input parameters and values in cached files. An attacker can exploit this vulnerability to upload a Trojan horse fi...

LvyeCms v3.1 has an arbitrary file creation vulnerability

LvyeCms 旅烨cms is a php content management system based on ThinkPHP. LvyeCms v3.1 version exists arbitrary file creation vulnerability, the vulnerability is due to the system fails to fully filter the incoming file content and path parameters. An attacker can use this vulnerability to upload Troja...

LvyeCms v3.1 has an arbitrary file write vulnerability

LvyeCms 旅烨cms is a php content management system based on ThinkPHP. LvyeCms v3.1 version exists arbitrary file write vulnerability, the vulnerability is due to the system fails to fully filter the incoming file content and path parameters. An attacker can use this vulnerability to upload Trojan...

File Containment Vulnerability in Jiayuan Talent System v3.6

Jiayuan Talent System is a talent website program based on ASP+MSSQL developed by Shanghai Jiabi Network Technology Development Co. Jia Yuan Talent System v3.6 exists a file inclusion vulnerability, the vulnerability is due to the system add and execute scheduled tasks failed to effectively filte...

File Write Vulnerability in Cscms v4.1.8

Cscms is a diversified content management system developed using PHP5+MYSQL as the technical basis. A file write vulnerability exists in Cscms v4.1.8, which is due to the system failing to effectively filter input parameters and file paths. An attacker can use this vulnerability to inject Trojan...

File Renaming Vulnerability in CMS Made Simple v2.2.5

CMS Made Simple is a simple, easy-to-use content management system developed using PHP, MySQL and Smarty template engines. A file renaming vulnerability exists in CMS Made Simple v2.2.5 due to the system failing to effectively filter input parameters. An attacker can exploit this vulnerability to...

ZhiCms v1.8 Code Execution Vulnerability

ZhiCms is an enterprise building system based on PHP and mysql technology. A code execution vulnerability exists in ZhiCms v1.8, which is due to the system failing to effectively filter input parameters. An attacker can exploit this vulnerability to upload a Trojan script file to obtain a webshel...

Tunna - Set Of Tools Which Will Wrap And Tunnel Any TCP Communication Over HTTP

Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. SUMMARY TLDR: Tunnels TCP connections over HTTP In a fully firewalled inbound and outbound connections restricted - except the...

File Upload Vulnerability in UCMS Version 1.2

UCMS is a simple open source content management system. There is an arbitrary file upload vulnerability in UCMS version 1.2, which can be exploited by attackers to directly upload script Trojan files and obtain webshell...

File Inclusion Vulnerability in Apple CMS v8

Apple CMS is a free cms website builder. Apple CMS v8 suffers from a file inclusion vulnerability, which allows an attacker to obtain a webshell by including local arbitrary files to execute a write trojan file...

Code Execution Vulnerability in LzCMS v1.1.4

LzCMS Lao Zhang Content Management System is a simple blog system made by ThinkPHP+layui. A code execution vulnerability exists in LzCMS v1.1.4, which is due to the system failing to effectively filter data written to cache files. Attackers can use this vulnerability to upload Trojan horse files...

Arbitrary file upload vulnerability in jeecms version 9.2

JEECMS is Jiangxi Jinlei Technology Development Co., Ltd. developed a support for WeChat small program, WeChat public number / service number, column model, content model cross-customization, as well as with the payment and financial settlement of the content of the e-commerce as one of the conte...

Code Execution Vulnerability in SentCMS v3.0.1707

SentCMS website management system is a simple and easy-to-use website management system created by Nanchang Tengshu Technology Co. A code execution vulnerability exists in SentCMS v3.0.1707, which is caused by the system failing to effectively filter data written to cache files. An attacker can u...

File Upload Vulnerability in SentCMS v3.0.1707

SentCMS website management system is a simple and easy-to-use website management system created by Nanchang Tengshu Technology Co. A file upload vulnerability exists in SentCMS v3.0.1707, which is due to the system failing to effectively filter uploaded files. An attacker can exploit this...

Code Execution Vulnerability in DuomiCms x3.0

DuomiCms is a video-on-demand system designed for film and television station owners. A code execution vulnerability exists in the admin/admindatarelate.php file in DuomiCms x3.0, which can be exploited by attackers to obtain webshell...

Code execution vulnerability in DuomiCms x3.0 (CNVD-2018-03672)

DuomiCms is a video-on-demand system designed for film and television station owners. A code execution vulnerability exists in the admin/adminweixin.php file in DuomiCms x3.0 due to the system failing to effectively filter input parameters. An attacker can exploit this vulnerability to obtain a...