Command Execution Vulnerability in PHPYUN Talent Acquisition System beta (CNVD-2021-26194)

PHPYUN Talent Recruitment System is a PHP and MySQL database to build an efficient and open source talent and enterprise job search recruitment, hiring solutions. A command execution vulnerability exists in the beta version of PHPYUN Recruitment System. An attacker can exploit this vulnerability ...

Command Execution Vulnerability in EyouCms (CNVD-2021-26099)

EyouCms is based on TP5.0 framework for the core development of free open source enterprise content management system. EyouCms has a command execution vulnerability. An attacker can exploit the vulnerability to execute commands and gain server privileges...

Command Execution Vulnerability in SuperMap iServer

SuperMap iServer is an enterprise-level GIS server + scalable service-oriented GIS development platform released by Beijing SuperMap Software Co. A command execution vulnerability exists in SuperMap iServer. An attacker can exploit this vulnerability to gain server privileges...

Code Execution Vulnerability in Fish Leap CMS

FishLeap CMS is a content management system specifically geared towards enterprise applications. A code execution vulnerability exists in the Fish Leap CMS, which can be exploited by an attacker to write a malicious file to gain server control privileges...

CVE-2020-24635

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aru...

CVE-2020-24635

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aru...

inoERP download.php Insecure Deserialization (CVE-2019-16894)

An Insecure Deserialization vulnerability exists in Inoideas inoERP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Command Execution Vulnerability in FastAdmin of Shenzhen Extreme Creative Technology Co.

FastAdmin is an extremely fast backend development framework based on ThinkPHP5+Bootstrap. Shenzhen Extreme Creative Technology Co. FastAdmin has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

Command Execution Vulnerability in Isthmus Electronic Document Security Management System

Electronic document security management system referred to as: CDG is an electronic document security protection software, the system utilizes the driver layer transparent encryption technology, through the encryption and protection of electronic documents, to prevent the internal staff leakage a...

Command Execution Vulnerability in jeewms

jeewms is led by Linglu Valley Technology open source project , JAVA-based warehouse management system support for self- and third-party , including PDA side and WEB side . jeewms has a command execution vulnerability. Attackers can use this vulnerability to obtain server privileges...

CVE-2021-21783

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

Command Execution Vulnerability in SongCMS PHP Version of Guangdong Kegel Technology Co.

SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. A command execution vulnerability exists in the PHP version of SongCMS by Guangdong Kege...

Zoho ManageEngine Desktop Central Code Execution Vulnerability (CNVD-2021-28712)

ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO. The solution includes software distribution, patch management, system configuration, remote control and other functional modules to support the entire lifecycle of desktop and server management. A security...

Cisco Jabber Code Execution Vulnerability (CNVD-2021-22912)

Cisco Jabber is a web conferencing and instant messaging application that allows users to send messages over the Extensible Messaging and Status Protocol XMPP. A code execution vulnerability exists in Cisco Jabber, which is caused by incorrect validation of message content. An attacker can send...

Command Execution Vulnerability in DiYunCMS

Diyun CMS content management system is based on PHP7 language using the latest CodeIgniter4 as a development framework for the production of web content management framework, providing "computer website, cell phone website, APP interface" integrated web technology solutions. DiYunCMS has a comman...

Command Execution Vulnerability in SDCMS-B2C Mall Website Management System (CNVD-2021-25006)

SDCMS-B2C mall website management system integrates city substation, cloud storage, three-level distribution, WeChat public number, combination package, multi-people group and many other functions in one marketing mall management system. SDCMS-B2C Mall Website Management System has a command...

Command Execution Vulnerability in e-mobile

e-mobile is a mobile office product developed by Shanghai Panmicro Networks Technology Co., Ltd. and is specially designed for cell phone, tablet PC and other mobile terminal users to create a mobile office product. A command execution vulnerability exists in e-mobile, which can be exploited by a...

Code execution vulnerability in ShuipFCMS (NVD-C-2021-75467)

ShuipFCMS is a content management system based on ThinkPHP framework as the core and developed in an independent grouping approach. ShuipFCMS suffers from a code execution vulnerability that can be exploited by an attacker to gain control of the server...

Code execution vulnerability in geeweb

geeweb is a PHP MySQL-based development to completely free, fast site, easy maintenance, high security, strong load force, SEO friendly and other features, for the small and medium-sized enterprises, social groups, schools and individual users, such as the station-building system. A code executio...

XStream 代码问题漏洞

XStream is a simple Java-based library , Java objects serialized to xml and vice versa i.e. : Java objects and xml documents can be easily converted to each other . A code execution vulnerability exists in XStream, which can be exploited by an attacker to manipulate the processed input stream and...