59 matches found
CVE-2024-11018 Grand Vice info Webopac - Arbitrary File Upload
Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could lead to arbitrary code execution on the server...
CVE-2024-11018 Grand Vice info Webopac - Arbitrary File Upload
Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could lead to arbitrary code execution on the server...
CVE-2024-11018
CVE-2024-11018 affects Grand Vice Info Webopac. Public records describe a lack of proper file-type validation that allows unauthenticated remote attackers to upload and execute webshells, potentially enabling arbitrary code execution on the server. Affected versions are stated as up to 6.5.0/7.2....
CVE-2024-11017 Grand Vice info Webopac - Arbitrary File Upload
Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells, which could lead to arbitrary code execution on the server...
CVE-2024-11017 Grand Vice info Webopac - Arbitrary File Upload
Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells, which could lead to arbitrary code execution on the server...
CVE-2024-11017
CVE-2024-11017 affects Grand Vice info Webopac. The issue is improper validation of uploaded file types in Webopac, enabling remote attackers with regular privileges to upload and execute webshells, risking arbitrary code execution on the server. Affected versions include Grand Vice Webopac 6.x b...
CVE-2024-11016
CVE-2024-11016 affects Webopac from Grand Vice info. The vulnerability is a SQL Injection that allows unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. Reported CVSS 3.1 v3.1 base score is 9.8 (CRITICAL) with network attack Vector, no...
CVE-2024-11016 Grand Vice info Webopac - SQL Injection
Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2024-11016 Grand Vice info Webopac - SQL Injection
Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...
PT-2024-16710 · Grand Vice Info · Webopac
Name of the Vulnerable Software and Affected Versions: Webopac from Grand Vice info affected versions not specified Description: The issue is a Stored Cross-site Scripting vulnerability, allowing remote attackers with regular privileges to inject arbitrary JavaScript code into the server. When...
Grand Vice info Webopac 跨站脚本漏洞
Grand Vice info Webopac is an online public access catalog from China XinXueYing Info Grand Vice info. It is used for users to access library services over the Internet. A cross-site scripting vulnerability in Grand Vice info Webopac version 6.x before 6.5.1 and version 7.x before 7.2.3 exists,...
PT-2024-16706 · Unknown · Grand Vice Info Webopac
Name of the Vulnerable Software and Affected Versions: Grand Vice Info Webopac versions up to 6.5.0/7.2.2 Description: The issue is related to the lack of proper file type validation in the Webopac component, allowing unauthenticated remote attackers to upload and execute webshells. This could le...
Grand Vice info Webopac 跨站脚本漏洞
Grand Vice info Webopac is an online public access catalog from China XinXueYing Info Grand Vice info. It is used for users to access library services over the Internet. A cross-site scripting vulnerability in Grand Vice info Webopac version 6.x prior to 6.5.1 and version 7.x prior to 7.2.3 exist...
Grand Vice info Webopac 代码问题漏洞
Grand Vice info Webopac is an online public access catalog from China XinXueYing Info Grand Vice info. It is used for users to access library services over the Internet. A code issue vulnerability exists in Grand Vice info Webopac version 6.x prior to 6.5.1 and version 7.x prior to 7.2.3, which...
Grand Vice info Webopac SQL注入漏洞
Grand Vice info Webopac is an online public access catalog from China Xinxueying Info Grand Vice info. It is used for users to use library services through the Internet. A SQL injection vulnerability exists in Grand Vice info Webopac version 6.x prior to 6.5.1 and version 7.x prior to 7.2.3, whic...
PT-2024-16709 · Grand Vice Info · Webopac
Name of the Vulnerable Software and Affected Versions: Webopac from Grand Vice info affected versions not specified Description: The Webopac system has a SQL Injection flaw, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...
Grand Vice info Webopac SQL注入漏洞
Grand Vice info Webopac is an online public access catalog from China Xinxueying Info Grand Vice info. It is used for users to access library services over the Internet. Grand Vice info Webopac suffers from a SQL injection vulnerability that originates from allowing an unauthenticated, remote...
PT-2024-16704 · Grand Vice Info · Webopac
Name of the Vulnerable Software and Affected Versions: Webopac from Grand Vice info affected versions not specified Description: The issue is a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...
PT-2024-16707 · Grand Vice Info · Webopac
Name of the Vulnerable Software and Affected Versions: Webopac from Grand Vice info affected versions not specified Description: The issue is a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser throug...
Grand Vice info Webopac 代码问题漏洞
Grand Vice info Webopac is an online public access catalog from China XinXueYing Info Grand Vice info. It is used for users to access library services over the Internet. A code issue vulnerability exists in Grand Vice info Webopac versions 6.x prior to 6.5.1 and 7.x prior to 7.2.3, which stems fr...