21 matches found
CVE-2023-4172 Chengdu Flash Flood Disaster Monitoring and Warning System FileHandler.ashx absolute path traversal
A vulnerability, which was classified as problematic, has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This issue affects some unknown processing of the file \Service\FileHandler.ashx. The manipulation of the argument FileDirectory leads to absolute path traversal...
CVE-2023-4172
CVE-2023-4172 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The vulnerability arises from improper handling of the FileDirectory argument in the FileHandler.ashx (path/file processing), enabling absolute path traversal via a remote attack. Exploitation has been disclosed...
CVE-2023-3803
A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This affects an unknown part of the file /Service/ImageStationDataService.asmx of the component File Name Handler. The manipulation leads to insufficiently random values. Th...
Design/Logic Flaw
A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This affects an unknown part of the file /Service/ImageStationDataService.asmx of the component File Name Handler. The manipulation leads to insufficiently random values. Th...
CVE-2023-3804 Chengdu Flash Flood Disaster Monitoring and Warning System FileHandler.ashx unrestricted upload
A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file /Service/FileHandler.ashx. The manipulation of the argument userFile leads to unrestricted upload. The exploit has been...
CVE-2023-3804
CVE-2023-3804 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The vulnerability is in the file /Service/FileHandler.ashx, where manipulation of the argument userFile enables unrestricted upload. The exploit has been publicly disclosed. Several sources confirm this is a cod...
CVE-2023-3803
CVE-2023-3803 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0, specifically the File Name Handler component and the /Service/ImageStationDataService.asmx file. The root cause is a flaw that leads to insufficiently random values. Documented attack complexity is high and expl...
CVE-2023-3802
CVE-2023-3802 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The issue resides in the file /Controller/Ajaxfileupload.ashx, where manipulating the file argument enables unrestricted file uploads. Public disclosure of the exploit is noted. Remediation details are not expli...
CVE-2023-3802 Chengdu Flash Flood Disaster Monitoring and Warning System Ajaxfileupload.ashx unrestricted upload
A vulnerability was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Controller/Ajaxfileupload.ashx. The manipulation of the argument file leads to unrestricted upload. The...
Chengdu Flash Flood Disaster Monitoring and Warning System 代码问题漏洞
Chengdu Flash Flood Disaster Monitoring and Warning System is a flash flood disaster monitoring and warning system in Chengdu. A vulnerability exists in Chengdu Flash Flood Disaster Monitoring and Warning System version 2.0 due to a code issue with insufficient random values...
PT-2023-26247 · Unknown · Chengdu Flash Flood Disaster Monitoring/Warning System
Name of the Vulnerable Software and Affected Versions: Chengdu Flash Flood Disaster Monitoring and Warning System version 2.0 Description: A vulnerability was found in the Chengdu Flash Flood Disaster Monitoring and Warning System. It affects some unknown functionality of the file...
CVE-2023-3798
A vulnerability has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0 and classified as critical. This vulnerability affects unknown code of the file /AppResource/UEditor/server/upload.aspx. The manipulation of the argument file leads to unrestricted upload. The exploit...
Design/Logic Flaw
A vulnerability has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0 and classified as critical. This vulnerability affects unknown code of the file /AppResource/UEditor/server/upload.aspx. The manipulation of the argument file leads to unrestricted upload. The exploit...
CVE-2023-3798 Chengdu Flash Flood Disaster Monitoring and Warning System upload.aspx unrestricted upload
A vulnerability has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0 and classified as critical. This vulnerability affects unknown code of the file /AppResource/UEditor/server/upload.aspx. The manipulation of the argument file leads to unrestricted upload. The exploit...
CVE-2023-3798
CVE-2023-3798 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The vulnerability is in the file path "/App_Resource/UEditor/server/upload.aspx" where manipulation of the file parameter enables unrestricted file upload. Exploitation status is disclosed publicly in the source...
File Upload Vulnerability in Flash Flood Monitoring and Early Warning System of Siltronic Ltd (CNVD-2022-16620)
Siltronic Ltd. is a technology-based enterprise dedicated to the cause of disaster prevention and mitigation in China. A file upload vulnerability exists in the Flash Flood Monitoring and Early Warning System of Siltronic Ltd. that can be exploited by attackers to gain control of the server...
File Upload Vulnerability in Flash Flood Monitoring and Early Warning System of Sichuang Technology Co. Ltd (CNVD-2022-16621)
Siltronic is a technology-based enterprise dedicated to the cause of disaster prevention and mitigation in China. A file upload vulnerability exists in the Flash Flood Monitoring and Early Warning System of Sicron Technology Co. Ltd, which can be exploited by attackers to gain control of the serv...
File Upload Vulnerability in the Flash Flood Monitoring and Early Warning Platform of Siltronic Ltd (CNVD-2022-10323)
Siltronic Ltd. is an information service provider for disaster reduction and profitability in China. A file upload vulnerability exists in the flash flood monitoring and early warning platform of Sicron Technology Limited, which can be exploited by attackers to gain control of the server...
File Upload Vulnerability in the Flash Flood Monitoring and Early Warning Platform of Siltronic Ltd (CNVD-2022-10316)
Siltronic Ltd. is an information service provider for disaster reduction and profitability in China. A file upload vulnerability exists in the flash flood monitoring and early warning platform of Sicron Technology Co. Ltd, which can be exploited by an attacker to gain control of the server...
File Upload Vulnerability in the Flash Flood Monitoring and Early Warning Platform of Siltronic Ltd (CNVD-2022-10325)
Siltronic Ltd. is an information service provider for disaster reduction and profitability in China. A file upload vulnerability exists in the flash flood monitoring and early warning platform of Sicron Technology Co. Ltd, which can be exploited by an attacker to gain control of the server...