Lucene search
K

59 matches found

Vulnrichment
Vulnrichment
added 2024/11/11 7:2 a.m.11 views

CVE-2024-11018 Grand Vice info Webopac - Arbitrary File Upload

Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could lead to arbitrary code execution on the server...

9.8CVSS8.2AI score0.00803EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/11 7:2 a.m.18 views

CVE-2024-11018 Grand Vice info Webopac - Arbitrary File Upload

Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could lead to arbitrary code execution on the server...

9.8CVSS0.00803EPSS
Exploits0References2
CVE
CVE
added 2024/11/11 7:2 a.m.50 views

CVE-2024-11018

CVE-2024-11018 affects Grand Vice Info Webopac. Public records describe a lack of proper file-type validation that allows unauthenticated remote attackers to upload and execute webshells, potentially enabling arbitrary code execution on the server. Affected versions are stated as up to 6.5.0/7.2....

9.8CVSS10AI score0.00803EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/11/11 6:54 a.m.23 views

CVE-2024-11017 Grand Vice info Webopac - Arbitrary File Upload

Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells, which could lead to arbitrary code execution on the server...

8.8CVSS0.0074EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/11 6:54 a.m.22 views

CVE-2024-11017 Grand Vice info Webopac - Arbitrary File Upload

Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells, which could lead to arbitrary code execution on the server...

8.8CVSS8AI score0.0074EPSS
Exploits0References2
CVE
CVE
added 2024/11/11 6:54 a.m.58 views

CVE-2024-11017

CVE-2024-11017 affects Grand Vice info Webopac. The issue is improper validation of uploaded file types in Webopac, enabling remote attackers with regular privileges to upload and execute webshells, risking arbitrary code execution on the server. Affected versions include Grand Vice Webopac 6.x b...

8.8CVSS9.1AI score0.0074EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/11/11 6:51 a.m.57 views

CVE-2024-11016

CVE-2024-11016 affects Webopac from Grand Vice info. The vulnerability is a SQL Injection that allows unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. Reported CVSS 3.1 v3.1 base score is 9.8 (CRITICAL) with network attack Vector, no...

9.8CVSS10AI score0.00538EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/11 6:51 a.m.19 views

CVE-2024-11016 Grand Vice info Webopac - SQL Injection

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS8.4AI score0.00538EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/11 6:51 a.m.31 views

CVE-2024-11016 Grand Vice info Webopac - SQL Injection

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS0.00538EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/11 12:0 a.m.5 views

PT-2024-16710 · Grand Vice Info · Webopac

Name of the Vulnerable Software and Affected Versions: Webopac from Grand Vice info affected versions not specified Description: The issue is a Stored Cross-site Scripting vulnerability, allowing remote attackers with regular privileges to inject arbitrary JavaScript code into the server. When...

5.4CVSS6.5AI score0.00279EPSS
Exploits0References12
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.6 views

Grand Vice info Webopac 跨站脚本漏洞

Grand Vice info Webopac is an online public access catalog from China XinXueYing Info Grand Vice info. It is used for users to access library services over the Internet. A cross-site scripting vulnerability in Grand Vice info Webopac version 6.x before 6.5.1 and version 7.x before 7.2.3 exists,...

6.1CVSS6.5AI score0.00324EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/11/11 12:0 a.m.4 views

PT-2024-16706 · Unknown · Grand Vice Info Webopac

Name of the Vulnerable Software and Affected Versions: Grand Vice Info Webopac versions up to 6.5.0/7.2.2 Description: The issue is related to the lack of proper file type validation in the Webopac component, allowing unauthenticated remote attackers to upload and execute webshells. This could le...

9.8CVSS8.5AI score0.00803EPSS
Exploits0References16
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.4 views

Grand Vice info Webopac 跨站脚本漏洞

Grand Vice info Webopac is an online public access catalog from China XinXueYing Info Grand Vice info. It is used for users to access library services over the Internet. A cross-site scripting vulnerability in Grand Vice info Webopac version 6.x prior to 6.5.1 and version 7.x prior to 7.2.3 exist...

5.4CVSS6.3AI score0.00279EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.2 views

Grand Vice info Webopac 代码问题漏洞

Grand Vice info Webopac is an online public access catalog from China XinXueYing Info Grand Vice info. It is used for users to access library services over the Internet. A code issue vulnerability exists in Grand Vice info Webopac version 6.x prior to 6.5.1 and version 7.x prior to 7.2.3, which...

9.8CVSS7.9AI score0.00803EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.4 views

Grand Vice info Webopac SQL注入漏洞

Grand Vice info Webopac is an online public access catalog from China Xinxueying Info Grand Vice info. It is used for users to use library services through the Internet. A SQL injection vulnerability exists in Grand Vice info Webopac version 6.x prior to 6.5.1 and version 7.x prior to 7.2.3, whic...

9.8CVSS8.1AI score0.00451EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/11 12:0 a.m.9 views

PT-2024-16709 · Grand Vice Info · Webopac

Name of the Vulnerable Software and Affected Versions: Webopac from Grand Vice info affected versions not specified Description: The Webopac system has a SQL Injection flaw, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS8.4AI score0.00451EPSS
Exploits0References15
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.6 views

Grand Vice info Webopac SQL注入漏洞

Grand Vice info Webopac is an online public access catalog from China Xinxueying Info Grand Vice info. It is used for users to access library services over the Internet. Grand Vice info Webopac suffers from a SQL injection vulnerability that originates from allowing an unauthenticated, remote...

9.8CVSS8.2AI score0.00538EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/11 12:0 a.m.10 views

PT-2024-16704 · Grand Vice Info · Webopac

Name of the Vulnerable Software and Affected Versions: Webopac from Grand Vice info affected versions not specified Description: The issue is a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS8.3AI score0.00538EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2024/11/11 12:0 a.m.11 views

PT-2024-16707 · Grand Vice Info · Webopac

Name of the Vulnerable Software and Affected Versions: Webopac from Grand Vice info affected versions not specified Description: The issue is a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser throug...

6.1CVSS7.3AI score0.00324EPSS
Exploits0References13
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.10 views

Grand Vice info Webopac 代码问题漏洞

Grand Vice info Webopac is an online public access catalog from China XinXueYing Info Grand Vice info. It is used for users to access library services over the Internet. A code issue vulnerability exists in Grand Vice info Webopac versions 6.x prior to 6.5.1 and 7.x prior to 7.2.3, which stems fr...

8.8CVSS7.9AI score0.0074EPSS
Exploits0References1
Rows per page
Query Builder