Thinksns open source microblogging system has a file upload vulnerability

Thinksns is an open source microblogging system. Thinksns is an open source microblogging system file upload vulnerability, through the local construction of the upload form, can be uploaded webshell, to obtain control of the server...

Enterprise Intelligence Series Internet Behavior Management Appliances Exposed to Arbitrary File Upload Vulnerability

The Enterprise Intelligence series of Internet behavior management devices are dedicated to preventing the malicious spread of illegal information. An arbitrary file upload vulnerability exists in the EIZO series of Internet behavior management devices. An attacker can use the vulnerability to...

PHPCMS V9 version of the background design flaws lead to arbitrary code execution vulnerability

Source link: http://www.cnbraid.com/ 0x01 background Since the default after installation requires Super administrator privileges, so the vulnerability is very tasteless, but the feeling should be in other cms, there are also, so the main share under the mining idea PS: using the test environment...

ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials SYSTEM Remote Code Execution

ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials SYSTEM Remote Code Execution ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote SYSTEM Code Execution Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version:...

SQL Injection Vulnerability in Remote Rapid Application Access Solution System mxcheckuserMachine.php Page Parameter a of UFIDA Information Technology Ltd.

UFIDA UPC Information Technology Co., Ltd. remote rapid application access solution is to use U8 remote access can be realized instantly access to the company's application systems and enterprise information and simplify the deployment and management of complex computing environment. The product...

ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials SYSTEM Remote Code Execution

ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote SYSTEM Code Execution Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version: 3.0.1.0R230 Platform: 3.0.1.0R230 Personnel: 1.0.1.0R1916 Access: 6.0.1.0R1757...

Beijing Oriental Wenhui Website Group Content Management System Has Design Flaws and Vulnerabilities

Oriental Wenhui Super Website Group Content Management System is a set of platform system specialized in website development and management for government agencies, enterprises and public institutions. The product has a design flaw vulnerability, there is a design flaw in the copy function of the...

Arbitrary File Write Vulnerability on Server Side of NJ MAGAPP Products

MAGAPP is a forum mobile client management system developed for local urban communities, including iOS, Android cell phone, PC management system, independent Discuz and multi-platform sharing components, able to dock the urban community website database and run independently on the local...

PaKnPost Pro 1.14 - Multiple Vulnerabilities

Exploit Title: PaKnPost Pro Arbitrary File Upload & Remote Code Execution Date: 2016-07-06 Product: PaKnPost Pro Vendor Homepage: http://www.paknpost.org Software Link: https://sourceforge.net/projects/paknpost/ Version: =1.14 Tested on: Windows, Linux Exploit Authors: Edvin Rustemagic, Grega...

Riverbed SteelCentral NetProfiler NetExpress 10.8.7 - Multiple Vulnerabilities

Riverbed SteelCentral NetProfiler NetExpress 10.8.7 - Multiple Vulnerabilities , , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Riverbed SteelCentral NetProfiler & NetExpress Multiple Vulnerabilities...

Riverbed SteelCentral NetProfiler / NetExpress 10.8.7 XSS / Code Execution

, , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Riverbed SteelCentral NetProfiler & NetExpress Multiple Vulnerabilities Affected versions: SteelCentral NetProfiler = 10.8.7 & SteelCentral NetExpress...

Airia Shell Upload

Exploit Title: Airia - Webshell Upload Vulnerability Date: 2016-06-20 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ytyng.com Software Link: https://github.com/ytyng/airia/archive/master.zip Version: Latest commit Tested on: Debian wheezy require "net/http"...

Airia - Arbitrary File Upload

Exploit for php platform in category web applications Exploit Title: Airia - Webshell Upload Vulnerability Date: 2016-06-20 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ytyng.com Software Link: https://github.com/ytyng/airia/archive/master.zip Version: Latest...

Airia - Arbitrary File Upload

Airia - Arbitrary File Upload Exploit Title: Airia - Webshell Upload Vulnerability Date: 2016-06-20 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ytyng.com Software Link: https://github.com/ytyng/airia/archive/master.zip Version: Latest commit Tested on: Debia...

Airia - Arbitrary File Upload

Exploit Title: Airia - Webshell Upload Vulnerability Date: 2016-06-20 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ytyng.com Software Link: https://github.com/ytyng/airia/archive/master.zip Version: Latest commit Tested on: Debian wheezy require "net/http"...

Remote Command Execution Vulnerability in the Video Equipment System of Clearstream Xun (Beijing) Technology Co.

StreamOcean, Inc. is the world's leading high-technology company dedicated to delivering high-definition interactive video over the Internet, with its fully independent intellectual property rights in the StreamOcean Video Delivery Network SOVDN, which provides the infrastructure for full video...

Arbitrary File Write Vulnerability in SiteServer CMS Backend

SiteServer CMS is a website content management system developed by Beijing Billion Software Technology Development Co., Ltd. and is widely used in state ministries, group companies and large-scale portal sites. The information collection function in the management background of SiteServer CMS doe...

Multiple Vulnerabilities in Beijing Wisdom Technology v2 Video Conferencing System

Beijing Wisdom Technology v2 Video Conferencing System is a video conferencing system. There are several vulnerabilities in the v2 Video Conferencing System. It allows attackers to upload webshell and gain server privileges...

LebiShop Mall Backend Arbitrary File Write Vulnerability

LebiShop mall system is an online mall system using ASP.NET language. The system is widely used in small and medium-sized e-commerce enterprises. The mall system's management background provides a system template file editing function, the function of the page file parameters have not been strict...

LebiShop Mall Backend Template Arbitrary File Write Vulnerability

LebiShop mall system is an online mall system using ASP.NET language. The system is widely used in small and medium-sized e-commerce enterprises. The management background of the mall system provides a generate template or generate a single page in the template function, which can generate the...