33 matches found
EUVD-2022-39278
Malicious code in bioql PyPI...
CVE-2022-36572
Sinsiu Sinsiu Enterprise Website System v1.1.1.0 was discovered to contain a remote code execution RCE vulnerability via the component /upload/admin.php?/deal/...
EARCLINK ESPCMS 安全漏洞
Honghu Erchuang Netlink Information Technology EARCLINK ESPCMS is an enterprise website building system from Honghu Erchuang Netlink Information Technology, China. A security vulnerability exists in EARCLINK ESPCMS version P8.21120101, which originated from the discovery of a remote code executio...
Remote code execution
Sinsiu Sinsiu Enterprise Website System v1.1.1.0 was discovered to contain a remote code execution RCE vulnerability via the component /upload/admin.php?/deal/...
CVE-2022-36572
Sinsiu Sinsiu Enterprise Website System v1.1.1.0 is affected by CVE-2022-36572, a remote code execution (RCE) vulnerability exploitable via the component /upload/admin.php?/deal/. The PT-2022-23479 advisory confirms an RCE impact and notes there is no available patch/version with a fix, recommend...
PT-2022-23479 · Sinsiu · Sinsiu Enterprise Website System
Name of the Vulnerable Software and Affected Versions: Sinsiu Sinsiu Enterprise Website System version 1.1.1.0 Description: The issue is related to a remote code execution RCE vulnerability. It can be exploited via the component /upload/admin.php?/deal/. Recommendations: For Sinsiu Sinsiu...
EARCLINK ESPCMS SQL注入漏洞
Honghu Erchuang Netlink Information Technology EARCLINK ESPCMS is an enterprise website building system from China's Honghu Erchuang Netlink Information Technology Company. A SQL injection vulnerability exists in the espcmsweb/Search.php component of EARCLINK ESPCMS-P8, which can be exploited by...
File Upload Vulnerability in OKLite
OKLite is an enterprise website system, the main target group is the display enterprise website users, so that the traditional small business quickly deploy the website. A file upload vulnerability exists in OKLite, which can be exploited by attackers to upload a webshell and gain server privileg...
OKLite suffers from a logic flaw vulnerability (CNVD-2020-71655)
OKLite is a minimalist enterprise website system, the main target group is the display enterprise website users, so that the traditional small business quickly deploy the website. OKLite suffers from a logic flaw vulnerability that can be exploited by attackers to compromise the integrity of the...
SQL Injection Vulnerability in Pinecone Enterprise Website System
Pinecone enterprise website system is an asp+access for development at the same time to support the mobile terminal and pc terminal asp enterprise website source code. Pinecone enterprise website system has a SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive...
File Containment Vulnerability in 4-in-1 Enterprise Website Management System
Four-in-one enterprise website management system is a computer website + mobile website + WeChat public number + small program in one of the content management system. A file inclusion vulnerability exists in the Four-in-One Enterprise Website Management System, which can be exploited by an...
Logic flaw vulnerability in JLCMS of Beijing Liangjing Zhicheng Technology Co.
LJCMS is a PHP+MYSQL based enterprise website system. There is a logic flaw vulnerability in JLCMS of Beijing Liang Jing Zhi Cheng Technology Co., Ltd. that can be exploited by attackers to obtain other people's user address information...
Unauthorized Access Vulnerability in LJCMS
LJCMS is a PHP+MYSQL based, free and open source enterprise website system. LJCMS has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information...
File upload vulnerability exists in CmsEasy (CNVD-2020-23793)
Ltd. CmsEasy Ease2Easy enterprise website system, also known as Ease2Easy enterprise website program, is Ease2Easy to develop China's first set of free enterprise website templates for marketing enterprise website management system, the system front html, fully SEO-compliant, as well as online...
Arbitrary File Deletion Vulnerability in DSCMS
DSCMS is an enterprise website system launched by Changsha Deshaun Network Technology Co. DSCMS has an arbitrary file deletion vulnerability that can be exploited by an attacker to cause a system reinstallation...
Command Execution Vulnerability in OECMS
OECMS enterprise website system is a set of enterprise building system based on the development of OEPHP architecture system development. OECMS has a command execution vulnerability that can be exploited by attackers to gain control of the web server...
Arbitrary File Read Vulnerability in CmsEasy
Ltd. CmsEasy easy to pass enterprise website system, also known as easy to pass enterprise website program, is easy to pass the company to develop China's first set of free enterprise website templates for marketing enterprise website management system, the system foreground to generate html, ful...
File Upload Vulnerability in CmsEasy
Ltd. CmsEasy easy to pass enterprise website system, also known as easy to pass enterprise website program, is easy to pass the company to develop China's first set of free enterprise website templates for marketing enterprise website management system, the system foreground to generate html, ful...
S-CMS php version enterprise website building system v3.0 SQL injection vulnerability in background aj*** N*** parameters (CNVD-2019-40101)
S-CMS enterprise station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. S-CMS php version of the enterprise website building system v3.0 background aj N parameter there is a SQL injection vulnerability, t...
Command Execution Vulnerability in DM Enterprise Website System
DM enterprise building system is developed by php + mysql a set of specialized in small and medium-sized enterprise website construction of open source cms. DM enterprise website building system has a command execution vulnerability , attackers can use the vulnerability to obtain server privilege...