Command execution vulnerability exists in SEACMS (CNVD-2021-15533)

SEACMS is a video-on-demand system designed for webmasters with different needs. A command execution vulnerability exists in SEACMS. An attacker can exploit this vulnerability to inject malicious code, execute system commands, and obtain system privileges...

MOXA AWK-1131A suffers from a command execution vulnerability (CNVD-2021-15569)

The Moxa AWK-1131A industrial-grade wireless AP/Client supports IEEE 802.11n technology with a data rate of up to 300Mbps. The MOXA AWK-1131A suffers from a command execution vulnerability that can be exploited by an attacker to cause malicious code to be executed...

Command Execution Vulnerability in Wireless AP of Shanghai Bell Co.

Shanghai Bell Co., Ltd. is a foreign-invested joint-stock company. The company provides end-to-end information and communication solutions and high-quality services to carriers, enterprises and industrial customers, and its products cover wired and wireless solutions, among others. A command...

Command Execution Vulnerability in TurboMail

TurboMail is a Guangzhou Topo Software Technology Co., Ltd. for enterprises and institutions to develop the communication needs of the e-mail server system. TurboMail has a command execution vulnerability. Attackers can use the vulnerability to remotely execute commands to obtain server privilege...

Command Execution Vulnerability in Tplay Backend

Tplay is a backend management framework based on ThinkPHP 5.0.13 + layui2.2.45 + Mysql development, PHP version required to upgrade to 5.5. A command execution vulnerability exists in Tplay backend. An attacker can exploit this vulnerability to gain server privileges...

ELECOM WRC-300FEBK-S Arbitrary Command Execution Vulnerability

The ELECOM WRC-300FEBK-S is a wireless access device. An arbitrary command execution vulnerability exists in the ELECOM WRC-300FEBK-S, which can be exploited by an attacker to execute arbitrary OS commands...

Command Execution Vulnerability in MOXA AWK-1131A

The AWK-1131A is an industrial-grade wireless AP. A command execution vulnerability exists in the MOXA AWK-1131A, which can be exploited by an attacker to execute malicious code...

Command execution vulnerability in songcms backend (CNVD-2021-12674)

SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. A command execution vulnerability exists in the backend of songcms. An attacker can...

Command Execution Vulnerability in Pyspider Crawler System

Pyspider is a web crawler system. Pyspider crawler system has a command execution vulnerability that can be exploited by an attacker to remotely execute code by injecting malicious code into the project manager, controlling the entire server, and carrying out intranet infiltration, DDos and other...

Command execution vulnerability in the backend of the Guojiz international web site navigation system (CNVD-2021-12808)

Guojiz International Website Navigation System is developed with ThinkPHP5.0 PHP7.0 Mysql Apache/Nginx/iis, a CMS program suitable for small and medium-sized webmasters to build websites. A command execution vulnerability exists in the backend of Guojiz International Website Navigation System. An...

Command execution vulnerability in the backend of the Guojiz international web site navigation system (CNVD-2021-12803)

Guojiz International Website Navigation System is developed with ThinkPHP5.0 PHP7.0 Mysql Apache/Nginx/iis, a CMS program suitable for small and medium-sized webmasters to build websites. Guojiz international web site navigation system back-end command execution vulnerability, an attacker can use...

Command execution vulnerability in the backend of the Guojiz international web site navigation system (CNVD-2021-12802)

Guojiz International Website Navigation System is developed with ThinkPHP5.0 PHP7.0 Mysql Apache/Nginx/iis, a CMS program suitable for small and medium-sized webmasters to build websites. Guojiz international web site navigation system back-end command execution vulnerability, an attacker can use...

Command execution vulnerability in the backend of the Guojiz international web site navigation system (CNVD-2021-12801)

Guojiz International Website Navigation System is developed with ThinkPHP5.0 PHP7.0 Mysql Apache/Nginx/iis, a CMS program suitable for small and medium-sized webmasters to build websites. Guojiz international web site navigation system back-end command execution vulnerability, an attacker can use...

Command Execution Vulnerability in Bacardi CMS Microstore (CNVD-2021-12800)

Bacardi CMS MicroMall is a free and open source object-oriented multi-store multi-user micro-mall PHP development framework. Bacardi CMS Microstore has a command execution vulnerability. Attackers can use this vulnerability to obtain control of the server...

XML Entity Injection Vulnerability in Scrap Recycling Alliance App

Scrap Recycling Union APP is a mobile software that focuses on the functions related to scrap recycling. The Scrap Recycling Alliance APP suffers from an XML entity injection vulnerability. An attacker can exploit the vulnerability by constructing malicious entities that result in the execution o...

Command Execution Vulnerability in NBR Router EWEB Network Management System at Riptide Networks Inc.

Ruijie Networks is a specialized network vendor with a full range of network equipment product lines and solutions, including switches, routers, software, security firewalls, wireless products, storage, and more. A command execution vulnerability exists in the EWEB network management system of...

Command Execution Vulnerability in eClass Junior's Integrated Platform for Small Schools

eClass Junior is a full-featured campus integrated platform designed to meet the needs of elementary school. eClass Junior is divided into five parts according to different functions, namely, "Campus Zone", "Learning Center", "Classroom Zone", "Teachers' Workspace", and "Administration Center",...

Command Execution Vulnerability in the Seal Monitoring Management System of Beijing Huilang Times Technology Company Limited (CNVD-2021-10517)

Beijing Huilang Times Technology Co., Ltd. was founded in 2005, is a national high-tech enterprises and dual-soft certified enterprises, the products are a little bit of banknote detectors, seal monitoring and management equipment, automatic check printers, financial binding machines and other...

Command Execution Vulnerability in Xampp

XAMPP is a free open source cross-platform Web server solution stack package developed by Apache Friends. A command execution vulnerability exists in Xampp. An attacker can exploit the vulnerability to execute arbitrary commands...

Command Execution Vulnerability in the InRouter900 Industrial Router from Johntons

The Johnton-InRouter900 series industrial router is a 4G industrial router. A command execution vulnerability exists in the InRouter900 Industrial Router. The vulnerability stems from the program's failure to properly validate user data and can be exploited by a remote attacker to execute arbitra...