2118 matches found
TRCore DVC 安全漏洞
TRCore DVC is a file insurance system from TRCore China. TRCore DVC suffers from a file upload vulnerability that can be exploited by an attacker to upload arbitrary files to any directory and achieve arbitrary code execution by uploading a webshell...
TRCore DVC 安全漏洞
TRCore DVC is a file insurance system from TRCore China. TRCore DVC suffers from a file upload vulnerability that can be exploited by an attacker to upload arbitrary files to any directory and achieve arbitrary code execution by uploading a webshell...
TRCore DVC 安全漏洞
TRCore DVC is a file insurance system from TRCore China. TRCore DVC suffers from a file upload vulnerability that can be exploited by an attacker to upload arbitrary files to any directory and achieve arbitrary code execution by uploading a webshell...
SOPlanning 1.52.01 Remote Code Execution
Exploit Title: SOPlanning 1.52.01 Simple Online Planning Tool - Remote Code Execution RCE Authenticated Date: 6th October, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Version: 1.52.01 Tested on: Ubuntu import argparse import requests import random import string import urllib.parse def...
PT-2024-16906 · Trcore · Trcore'S Dvc
Name of the Vulnerable Software and Affected Versions: TRCore's DVC affected versions not specified Description: The issue concerns a Path Traversal vulnerability in TRCore's DVC, which does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary...
PT-2024-16904 · Trcore · Dvc
Name of the Vulnerable Software and Affected Versions: DVC from TRCore affected versions not specified Description: The issue concerns a Path Traversal vulnerability in the DVC from TRCore, which does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload...
PT-2024-16902 · Trcore · Trcore Dvc
Name of the Vulnerable Software and Affected Versions: TRCore DVC affected versions not specified Description: The issue concerns a Path Traversal vulnerability in the DVC from TRCore, which also fails to restrict the types of files that can be uploaded. This vulnerability allows unauthenticated...
Exploit for CVE-2024-54761
BigAnt Office Messenger 5.6.06 RCE via SQL Injection SQL injec...
SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
Exploit Title: SOPlanning 1.52.01 Simple Online Planning Tool - Remote Code Execution RCE Authenticated Date: 6th October, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Version: 1.52.01 Tested on: Ubuntu import argparse import requests import random import string import urllib.parse def...
SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (Authenticated) Exploit
Exploit Title: SOPlanning 1.52.01 Simple Online Planning Tool - Remote Code Execution RCE Authenticated Date: 6th October, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Version: 1.52.01 Tested on: Ubuntu import argparse import requests import random import string import urllib.parse def...
CVE-2024-11018
Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could lead to arbitrary code execution on the server...
CVE-2024-11017
Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells, which could lead to arbitrary code execution on the server...
PT-2024-16706 · Unknown · Grand Vice Info Webopac
Name of the Vulnerable Software and Affected Versions: Grand Vice Info Webopac versions up to 6.5.0/7.2.2 Description: The issue is related to the lack of proper file type validation in the Webopac component, allowing unauthenticated remote attackers to upload and execute webshells. This could le...
Grand Vice info Webopac 代码问题漏洞
Grand Vice info Webopac is an online public access catalog from China XinXueYing Info Grand Vice info. It is used for users to access library services over the Internet. A code issue vulnerability exists in Grand Vice info Webopac version 6.x prior to 6.5.1 and version 7.x prior to 7.2.3, which...
Exploit for Code Injection in Vmware Spring_Framework
Expoitation-de-la-vuln-rabilit-CVE-2022-22965 La vulnérabilité...
SofaWiki 3.9.2 Shell Upload Exploit
Exploit Title: SofaWiki 3.9.2 - Remote Code Execution RCE via Open Ticket File Upload Exploit Author: Chokri Hammedi Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Version: 3.9.2 Tested on: Windows XP Summary: A remote code execution RCE...
Wellchoose Administrative Management System 代码问题漏洞
Wellchoose Administrative Management System is an administrative management system from China Weiweiqiao Information Wellchoose Company. A code issue vulnerability exists in the Wellchoose Administrative Management System due to a failure to properly validate uploaded file types. A remote attacke...
CVE-2024-9985
Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server...
CVE-2024-9985
Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server...
CVE-2024-9985 Ragic Enterprise Cloud Database - Arbitrary File Upload
Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server...