CVE-2025-1946

A vulnerability was found in hzmanyun Education and Training System 2.1. It has been rated as critical. Affected by this issue is the function exportPDF of the file /user/exportPDF. The manipulation of the argument id leads to command injection. The attack may be launched remotely. The exploit ha...

PT-2025-9694

Name of the Vulnerable Software and Affected Versions hzmanyun Education and Training System version 2.1 Description A critical issue was found in the function exportPDF of the file /user/exportPDF, where the manipulation of the argument id leads to command injection. This issue can be exploited...

EsafeNet DSM 安全漏洞

EsafeNet DSM is a system that provides fine-grained document usage rights control from China's EsafeNet. It is used for document rights control, data security protection and authorization management. A security vulnerability exists in EsafeNet DSM version 3.1.2, which originates from command...

CVE-2024-31601

An issue in Beijing Panabit Network Software Co., Ltd Panalog big data analysis platform v. 20240323 and before allows attackers to execute arbitrary code via the exportpdf.php component...

Typora v1.7.4 - OS Command Injection

Exploit Title: Typora v1.7.4 - OS Command Injection Discovered by: Ahmet Ümit BAYRAM Discovered Date: 13.09.2023 Vendor Homepage: http://www.typora.io Software Link: https://download.typora.io/windows/typora-setup-ia32.exe Tested Version: v1.7.4 latest Tested on: Windows 2019 Server 64bit Steps t...

LabKey Server XML External Entity Injection Vulnerability

LabKey Server is a biomedical research data repository from LabKey, Inc. The repository allows Web-based querying, reporting, and collaboration across a wide range of data sources. An XML external entity injection vulnerability exists in LabKey Server. An attacker could exploit this vulnerability...