AeroCMS 代码问题漏洞

AeroCMS is a content management system from the American company AeroCMS. AeroCMS v0.0.1 version of a security vulnerability, the vulnerability stems from /admin/posts.php?source=editpost there are arbitrary file uploads, an attacker can take advantage of the vulnerability to upload a webshell,...

PT-2022-27755 · Aerocms · Aerocms

Name of the Vulnerable Software and Affected Versions: AeroCms version 0.0.1 Description: The issue is related to an arbitrary file upload vulnerability. This vulnerability is located at the "/admin/posts.php?source=edit post" API endpoint, which allows uploading a webshell and potentially...

CVE-2022-46135

In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=editpost , through which we can upload webshell and control the web server...

CVE-2022-46135

In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=editpost , through which we can upload webshell and control the web server...

CVE-2022-46135

CVE-2022-46135 affects AeroCms v0.0.1. The vulnerability is an arbitrary file upload at /admin/posts.php?source=edit_post that enables uploading a webshell and taking control of the web server. Affected component is the upload endpoint in the admin/post editing flow; root cause details are consis...

Exploit for Code Injection in Vmware Spring_Framework

Spring4Shell-PoC Application This application has been contai...

MSMAP - Memory WebShell Generator

Msmap is a Memory WebShell Generator. Compatible with various Containers, Components, Encoder, WebShell / Proxy / Killer and Management Clients. 简体中文 The idea behind I, The idea behind II Function Dynamic Menu Automatic Compilation Generate Script Lite Mode Graphical Interface Container Java...

CVE-2020-23591

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OPV3.3.1-191028 allows an attacker to upload arbitrary files through " /mgmdevupgrade.asp " which can "delete every file for Denial of Service using 'rm -rf .' in the code, reverse connection using '.asp' webshell,...

CVE-2020-23591

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OPV3.3.1-191028 allows an attacker to upload arbitrary files through " /mgmdevupgrade.asp " which can "delete every file for Denial of Service using 'rm -rf .' in the code, reverse connection using '.asp' webshell,...

CVE-2020-23591

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OPV3.3.1-191028 allows an attacker to upload arbitrary files through " /mgmdevupgrade.asp " which can "delete every file for Denial of Service using 'rm -rf .' in the code, reverse connection using '.asp' webshell,...

PT-2022-8684 · Optilink · Optilink Op-Xt71000N

Name of the Vulnerable Software and Affected Versions: OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028 Description: A vulnerability allows an attacker to upload arbitrary files through "/mgm dev upgrade.asp" which can delete every file for Denial of Service using r...

Optilink Network OP-XT71000N 代码问题漏洞

The Optilink Network OP-XT71000N is a wireless router from Optilink Network India. A code issue vulnerability exists in Optilink Network OP-XT71000N version V2.2, which stems from a vulnerability that allows an attacker to cause a denial of service by uploading an arbitrary file via...

CVE-2022-40471

Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php...

CVE-2022-40471

Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php...

Remote code execution

Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php...

CVE-2022-40471

CVE-2022-40471 affects Clinic's Patient Management System v1.0. The flaw is an unrestricted file upload in the profile image handling (users.php) that allows uploading PHP web shells, enabling remote command execution. Connected documents provide exploit modules demonstrating RCE via the profile-...

CVE-2022-40471

Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php...

Clinic’s Patient Management System 代码问题漏洞

Clinic's Patient Management System is a patient management system for Carlo Montero's clinic. A security vulnerability exists in Clinic's Patient Management System v 1.0 that could allow an attacker to upload an arbitrary php webshell via the profile picture upload function in users.php...

PT-2022-25396

Name of the Vulnerable Software and Affected Versions Clinic's Patient Management System version 1.0 Description The issue allows an attacker to upload an arbitrary PHP webshell via the profile picture upload functionality in users.php. This enables remote code execution. Recommendations For...

CVE-2022-40471

Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php...