Lucene search
K

146 matches found

CNVD
CNVD
added 2017/07/29 12:0 a.m.2 views

Expression Injection Vulnerability in Kingdee GSiS Government Service Platform

GSiS government service platform is an integrated product developed by Kingdee to integrate government affairs disclosure, government services and e-surveillance on a unified e-government platform. Expression injection vulnerability exists in Kingdee GSiS government service platform. It allows...

7.9AI score
Exploits0
Prion
Prion
added 2017/07/18 6:29 p.m.19 views

Code injection

Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can populate this field with a valid AngularJS expression, wrapped in double curly-braces . This expression will be evaluated by any other authenticated user who views the...

4CVSS4.6AI score0.00599EPSS
Exploits0References2
CVE
CVE
added 2017/07/18 6:0 p.m.48 views

CVE-2017-5246

Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can supply a valid AngularJS expression ({{ … }}) which will be evaluated by other authenticated users viewing the attacker’s display name. Affected versions are 5.0.0000 t...

4.3CVSS4.5AI score0.00599EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/03/22 12:0 a.m.3 views

Expression injection vulnerability in e-mobile platform login.do page of Shanghai Panmicro Network Technology Co.

e-mobile is Panavision's mobile office product for cell phones, tablets and other mobile terminals. An expression injection vulnerability exists in the login.do page of the e-mobile platform of Shanghai Panmicro Network Technology Co. The vulnerability allows an attacker to remotely execute...

7.9AI score
Exploits0
seebug.org
seebug.org
added 2016/07/13 12:0 a.m.26 views

Spring Boot framework the expression injection vulnerability

No description provided by source...

7.1AI score
Exploits0
myhack58
myhack58
added 2015/08/11 12:0 a.m.26 views

Discuz! X-Series remote code execution vulnerability analysis-vulnerability warning-the black bar safety net

0x01 vulnerability root causes The root of the problem is that the api/uc. php file in the updatebadwords method, the code is as follows: function updatebadwords$get, $post global $G; if! APIUPDATEBADWORDS return APIRETURNFORBIDDEN; $data = array; ifisarray$post foreach$post as $k = $v...

0.3AI score
Exploits0
Rows per page
Query Builder