13 matches found
EUVD-2024-48606
Malicious code in bioql PyPI...
EUVD-2024-48605
Malicious code in bioql PyPI...
CVE-2024-7729
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files...
CVE-2024-7728
The specific CGI of the CAYIN Technology CMS does not properly validate user input, allowing a remote attacker with administrator privileges to inject OS commands into the specific parameter and execute them on the remote server...
CVE-2024-7729 CAYIN Technology CMS - Sensitive File Download
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files...
CVE-2024-7729
CVE-2024-7729 affects CAYIN Technology CMS, where a lack of proper access control allows unauthenticated remote attackers to download arbitrary CGI files. The entry has a CVSS v3.1 base score of 7.5 (HIGH) with network access, low attack complexity, and no privileges required. Public references (...
CVE-2024-7729 CAYIN Technology CMS - Sensitive File Download
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files...
CVE-2024-7728 CAYIN Technology CMS - OS Command Injection
The specific CGI of the CAYIN Technology CMS does not properly validate user input, allowing a remote attacker with administrator privileges to inject OS commands into the specific parameter and execute them on the remote server...
CAYIN Technology xPost SQL Injection Vulnerability
CAYIN Technology xPost is a digital signage system for conference room management from CAYIN Technology in Taiwan, China. A SQL injection vulnerability exists in CAYIN Technology xPost 2.5 and prior versions. The vulnerability stems from a database-based application that lacks validation of...
Code Execution Vulnerability in CAYIN Technology CMS
CAYIN Technology CMS is a content management system CMS from CAYIN Technology in Taiwan, China. A security vulnerability exists in the 'ntpIp' parameter of the systemservice.cgi file in CAYIN Technology CMS version 11.0 and earlier. A remote attacker could exploit the vulnerability to execute cod...
Cayin Signage Media Player 3.0 - Remote Command Injection (root) Exploit
Exploit for multiple platform in category web applications Title: Cayin Signage Media Player 3.0 - Remote Command Injection root Author:LiquidWorm Vendor: https://www.cayintech.com CVE: N/A !/usr/bin/env python3 Cayin Signage Media Player 3.0 Root Remote Command Injection Vendor: CAYIN Technology...
Cayin Content Management Server 11.0 Root Remote Command Injection
Cayin Content Management Server 11.0 Root Remote Command Injection Vendor: CAYIN Technology Co., Ltd. Product web page: https://www.cayintech.com Affected version: CMS-SE v11.0 Build 19179 CMS-SE v11.0 Build 19025 CMS-SE v11.0 Build 18325 CMS Station CMS-SE-LXC CMS-60 v11.0 Build 19025 CMS-40 v9....
Cayin Content Management Server 11.0 Root Remote Command Injection
Summary CAYIN Technology provides Digital Signage solutions, including media players, servers, and software designed for the DOOH Digital Out-of-home networks. We develop industrial-grade digital signage appliances and tailored services so you don't have to do the hard work. Description CAYIN CMS...