SQL Injection Vulnerability in PHPSHE B2C Mall System v1.5

PHPSHE mall system is a combination of product display, online shopping, order management, payment management, article management, customer consultation and feedback and other functions, and provides easy operation, practical features, quickly allow users to establish a personalized online store,...

Code execution vulnerability in ThinkerCMS InputController.class.php

ThinkerPHP is based on thinkphp3.2 development of a rapid development system, which has excellent user experience, efficient development efficiency, simple and easy to get started, etc. ThinkerCMS is ThinkerPHP's content management system dedicated to small websites. A code execution vulnerabilit...

ourphp ourphp_filebox.php write any file vulnerability in frontend

OURPHP is a PHP+MySQL based development of W3C standard building system. ourphp v1.7.3 ourphpfilebox.php exists a write arbitrary file vulnerability in the frontend, due to the program fails to effectively examine the data submitted by visitors. Attackers use the vulnerability by writing Trojan...

File upload vulnerability in the latest version of metinfo

metinfo cms is an enterprise website management system with PHP Mysql architecture. A file upload vulnerability exists in metinfo cms due to the system not effectively filtering the depth variable. An attacker can use this vulnerability to bypass the include file and upload a webshell to gain...

File Upload Vulnerability in FeiWa B2B2C Mall System

FeiWa B2B2C mall system is an enterprise-level B2B2C e-commerce platform system. A file upload vulnerability exists in FeiWa B2B2C Mall System. An attacker can exploit the vulnerability to parse a webshell in image format...

St2-045 Remote Command Execution Vulnerability in Dieppe UMC Unified Management Center

As a unified management platform of DIPPER Technology, UMC carries out componentized management for the whole series of DIPPER products. Each type of product can be added to the platform in the form of components, and each component can be deeply and intelligently related to each other, so as to...

Arbitrary File Write Vulnerability in Wolf CMS 0.8.3.1 Backend

Wolf CMS is a lightweight CMS program written in PHP. The latest version of Wolf CMS, version 0.8.3.1, has an arbitrary file write vulnerability in the backend, which can be exploited to create files with arbitrary suffixes and write arbitrary content. An attacker can use this vulnerability to...

NIUSHOP open source mall system front '/Components.php' page there are arbitrary file upload vulnerabilities

NiuShop open source mall system is by Shanxi Niu Cool Information Technology Co., Ltd. completely independent design, research and development of a set of PHP open source e-commerce system . NIUSHOP open source mall system front '/Components.php' page there are arbitrary file upload vulnerability...

NIUSHOP open source mall system front '/member.php' page there are arbitrary file upload vulnerabilities

NiuShop open source mall system is by Shanxi Niu Cool Information Technology Co., Ltd. completely independent design, research and development of a PHP open source e-commerce system . NIUSHOP open source mall system front '/member.php' page there are arbitrary file upload vulnerability . As the...

Two File Upload Vulnerabilities Exist in Website Builder Star Backend

Ltd., is a cloud computing-based Internet application service provider. There are file upload vulnerabilities in the background of sitestar 1 banner scroll bar edit-select single image upload and 2 product management in the background-edit more image upload. Allow attackers to upload webshell and...

File Upload Vulnerability in Ctrip CMS (XerCMS) at Member Avatar Upload

Ctrip CMS XerCMS is a content management system based on php+mysql, integrating membership, community, guestbook, news and model management. XerCMS has a file upload vulnerability at the member avatar upload. Since the program uses a blacklist filtering mechanism for the filename suffix of the...

massExpConsole - Collection of Tools and Exploits with a CLI UI

Collection of Tools and Exploits with a CLI UI What does it do? an easy-to-use user interface cli execute any adapted exploit with process-level concurrency crawler for baidu and zoomeye a simple webshell manager some built-in exploits automated more to come... Requirements GNU/Linux or MacOS, WS...

finecms has a csrf vulnerability

FineCMS is a content management system based on PHP+MySql. A CSRF vulnerability exists in the finecms backend form for executing SQL, which can be exploited by attackers to trick administrators into clicking on a malicious link to execute SQL statements and write a webshell to gain server...

Arbitrary File Upload Vulnerability in 'ExamFileUp.ashx' File of MicroXia Online Learning Platform

Micro Xia Online Learning Platform is an online education system based on B/S architecture. An arbitrary file upload vulnerability exists in the 'ExamFileUp.ashx' file of MicroXia Online Learning Platform. It allows attackers to upload webshell and gain server privileges...

Arbitrary file upload vulnerability in the action/fileUpload.asp file of the Access Specialist management system

Despatch Access Specialist Management System is a CATI software that integrates telephone access, call center, and web survey into one; a CATI software that provides hosted services with "Cloud Computing" and "SaaS Model". An arbitrary file upload vulnerability exists in the action/fileUpload.asp...

Novell iManager and NetIQ iManager File Upload Vulnerability

Novell iManager is a WEB-based application from Novell, Inc. that allows you to use wireless devices to manage and configure Novell eDirectory objects.NetIQ iManager is a WEB-based application from NetIQ, Inc. that allows you to use wireless devices to manage and configure eDirectory objects. A...

CVE-2017-7432

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability...

Design/Logic Flaw

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability...

CVE-2017-7432

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability...

CVE-2017-7432

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability...