9 matches found
AndSoft e-TMS OS Command Injection Vulnerability (CNVD-2025-23544)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from an operating system command injection vulnerability that originates from a misuse of the parameter m in the file /clt/LOGINFRMCAT.ASP, which can be exploited by an attacker to execute operating system...
DEDECMSV6 has command execution vulnerability
DEDECMSV6 is based on PHP7.x development, scalable and fully open source.DEDECMSV6 has a command execution vulnerability, which can be exploited by attackers to gain control of the server...
SEACMS suffers from a command execution vulnerability (CNVD-2021-40233)
SEACMS is a video-on-demand system designed for webmasters with different needs. SEACMS suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...
Command execution vulnerability in phpyun backend (CNVD-2021-37948)
phpyun a talent recruitment system built with PHP and MySQL databases. A command execution vulnerability exists in the backend of phpyun, which can be exploited by attackers to gain control of the server...
Command execution vulnerability in DHCMS (CNVD-2021-37337)
DHCMS is a content management system based on PHP and MySQL. DHCMS suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...
Command execution vulnerability exists in FastAdmin (CNVD-2021-37445)
FastAdmin is an extremely fast backend development framework based on ThinkPHP and Bootstrap. FastAdmin suffers from a command execution vulnerability. An attacker can exploit this vulnerability to gain server privileges...
Command Execution Vulnerability in VoIPmonitor
VoIPmonitor is an open source network packet sniffer with a commercial front-end for SIP RTP and RTCP VoIP protocols running on Linux. VoIPmonitor suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...
Command Execution Vulnerability in SongCMS (CNVD-2020-70579)
SongCMS is a PHP+MySQL, ASP+Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users quickly build and deploy enterprise-level portals. SongCMS has a command execution vulnerability that can be exploited by an attacker to gain...
ISPConfig 3.0.54p1 - Authenticated Admin Local root Vulnerability
Exploit for linux platform in category web applications While logged in as admin user: 1 add a shell user 2 under option set gid to ispconfig 3 log in as that user 4 edit /usr/local/ispconfig/interface/lib/lang/en.lng with system$GET'cmd'; 5 browse to: http://server:8080/index.php?cmd=echo...