14 matches found
EUVD-2020-2958
Malware in sbrugna...
EUVD-2020-2959
Malware in sbrugna...
CVE-2020-10507
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload RCE , that would allow attackers to gain access in the hosting machine...
CVE-2020-10506
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Path Traversal, allowing attackers to access arbitrary files...
CVE-2020-10505
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of SQL Injection, an attacker can use a union based injection query string to get databases schema and username/password...
Unrestricted file upload
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload RCE , that would allow attackers to gain access in the hosting machine...
Sql injection
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of SQL Injection, an attacker can use a union based injection query string to get databases schema and username/password...
Path traversal
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Path Traversal, allowing attackers to access arbitrary files...
CVE-2020-10507 ALLE INFORMATION CO., LTD. School Manage System - Security Misconfiguration
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload RCE , that would allow attackers to gain access in the hosting machine...
CVE-2020-10507
CVE-2020-10507 concerns the ALLE INFORMATION CO., LTD. School Manage System (before 2020). The issue is an Unrestricted file upload vulnerability that can lead to remote code execution on the hosting machine. Root cause: misconfiguration of the file upload filter in the system (as noted in CNVD-2...
CVE-2020-10506 ALLE INFORMATION CO., LTD. School Manage System - Path Traversal
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Path Traversal, allowing attackers to access arbitrary files...
CVE-2020-10506
CVE-2020-10506 affects the School Manage System (before 2020) by ALLE INFORMATION CO., LTD. The vulnerability is a Path Traversal flaw that allows an attacker to access arbitrary files. The NVD entry lists a CVSSv3 base score of 7.5 (HIGH) , with network attack vector and no privileges required, ...
CVE-2020-10505
Summary (CVE-2020-10505): The School Manage System by ALLE INFORMATION CO., LTD. prior to 2020 contains an SQL Injection vulnerability that can be exploited via a union-based query to disclose database schema and credentials (username/password). Affected component: the School Manage System’s SQL ...
CVE-2020-10505 ALLE INFORMATION CO., LTD. School Manage System - SQL Injection
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of SQL Injection, an attacker can use a union based injection query string to get databases schema and username/password...