15 matches found
PcVue 安全漏洞
PcVue is a reliable, secure, and robust operational software platform from PcVue, Inc. dedicated to monitoring and controlling applications in markets such as building and campus management. A security vulnerability exists in PcVue that stems from a message load element that is not properly...
PcVue 安全漏洞
PcVue is a reliable, secure, and powerful operational software platform from PcVue, Inc. dedicated to monitoring and controlling applications in markets such as building and campus management. A security vulnerability exists in PcVue that stems from improper packet inspection and could lead to a...
VulnCheck KEV: CVE-2023-7309
A path traversal vulnerability exists in the Dahua Smart Park Integrated Management Platform also referred to as the Dahua Smart Campus Integrated Management Platform, affecting the SOAP-based GIS bitmap upload interface. The flaw allows unauthenticated remote attackers to upload arbitrary...
Universal Password Login Vulnerability in Integrated Digital Campus Management System
Founded in 2009, Anhui Kexun Education Equipment Group Co., Ltd. is a comprehensive service provider dedicated to the research, development, promotion and service of industry software. A universal password login vulnerability exists in the Digital Campus Integrated Management System, which can be...
File Upload Vulnerability in Integrated Digital Campus Management System
Founded in 2009, Anhui Kexun Education Equipment Group Co., Ltd. is a comprehensive service provider dedicated to the research, development, promotion and service of industry software. A file upload vulnerability exists in the Digital Campus Integrated Management System DCIMS, which can be...
File Upload Vulnerability in Digital Campus Integrated Management System of Anhui Kexun Education Equipment Co.
Digital campus is based on digital information and network, established on computer and network technology for the collection, processing, integration, storage, transmission and application of campus information on teaching, scientific research, management, technical services, life services, etc....
SQL Injection Vulnerability in Digital Campus Integrated Management System of Anhui Kexun Education Equipment Co.(CNVD-2020-33072)
Digital campus is based on digital information and network, established on computer and network technology for the collection, processing, integration, storage, transmission and application of campus information on teaching, scientific research, management, technical services, life services, etc....
Zhengzhou Soter Information Technology Co., Ltd. digital campus management platform has a logic flaw vulnerability
Zhengzhou Sothe Information Technology Co., Ltd. is a software technology as the core, is committed to providing customers with software products, perfect technical support and software outsourcing services company. Zhengzhou Soter Information Technology Co., Ltd. digital campus management platfo...
Information leakage vulnerability in Yinda Hui Zhi An School Easy Intelligent Comprehensive Management Platform
Yinda Hui Zhi An School Easy Intelligent Comprehensive Management Platform is a comprehensive campus information management system, the business includes campus card, attendance, access and so on. There is an information leakage vulnerability in Yinda Hui Zhi An School Easy Intelligent Integrated...
SQL Injection Vulnerability in Yinda Hui Zhi An School Easy Intelligent Integrated Management Platform
Yinda Hui Zhi An School Easy Intelligent Comprehensive Management Platform is a comprehensive campus information management system, the business includes campus card, attendance, access and so on. There is a SQL injection vulnerability in Yinda Hui Zhi Anshu Yi Intelligent Integrated Management...
CVE-2017-7621
Cross Site Scripting Vulnerability in core-eMLi in AuroMeera Technometrix Pvt. Ltd. eMLi V1.0 allows an Attacker to send malicious code, generally in the form of a browser-side script, to a different end user via the page parameter to code/studentportal/home.php. The affected versions are eMLi...
Cross site scripting
Cross Site Scripting Vulnerability in core-eMLi in AuroMeera Technometrix Pvt. Ltd. eMLi V1.0 allows an Attacker to send malicious code, generally in the form of a browser-side script, to a different end user via the page parameter to code/studentportal/home.php. The affected versions are eMLi...
SQL Injection Vulnerability in Digital Campus Management System type=Detail&FileId Parameter of Shanghai Pengda Computer System Development Co.
The digital campus system of Shanghai Pengda Computer System Development Co., Ltd. is a technology platform using .NET+SqlServer. NET+SqlServer technology platform. SQL injection vulnerability exists in the Digital Campus Management System/BG/GRBG/FileManage/FileUPload.aspx page of Shanghai Pengd...
某通用校园管理系统绕过限制getshell(需登录)
简要描述: 某通用校园管理系统绕过限制getshell 详细说明: 接着上次的漏洞来getshell------某通用校园管理系统权限不严格 http://www.wooyun.org/bugs/wooyun-2014-059827/ http://www.fjzhyz.cn/ws2004 用上次的漏洞来获取炒鸡管理员账号登录。 系统管理----资源下载---资源设置 http://www.fjzhyz.cn/ws2004/sysmanage/Resource/resset/default.asp 随便找个分类,修改为如下的设置。我修改的是—优秀课件分类...
某通用校园管理系统权限不严格(默认密码)
简要描述: 可以通过系统内置低权限账号,获取高权限超级管理员密码 详细说明: 在官方演示站http://www.suyaxing.com:81/WS2004/default.asp 以官方公告的口令admin/admin登陆演示站 演示站用户看到Vodadmin 密码为星号,用星号密码查看器看到密码是11。(随后测试了20个站,都是内置这个账号) Vod管理员密码修改后貌似会和官方的Vod视频源冲突所以没有用户敢改。 接下来---------做实验,随机抽个站 实验站:http://www.fjzhyz.cn/ 系统内置低权限账号:Vodadmin 密码11...