156 matches found
CVE-2026-36669
The vulnerability CVE-2026-36669 affects Feng Office 3.11.13.11. Affected component: ck_upload_handler.php. Issue: unauthenticated arbitrary file upload allowing attackers to place files (e.g., .html) into the web-accessible /tmp/ directory. Root cause details are not provided beyond the file upl...
CVE-2026-36669
An unauthenticated arbitrary file upload vulnerability in ckuploadhandler.php in Feng Office 3.11.13.11 allows remote attackers to upload malicious files such as .html to the web-accessible /tmp/ directory...
📄 Samsung Quram DNG Advanced Remote Code Execution
This proof of concept uses an advanced exploitation technique that allows a remote attacker to execute arbitrary code on a target device by carefully controlling and manipulating memory in the target application or library. This technique is particularly used against memory-sensitive libraries li...
EUVD-2011-3696
Malware in sbrugna...
EUVD-2007-6591
Malware in sbrugna...
EUVD-2007-6593
Malware in sbrugna...
EUVD-2018-13153
Malware in sbrugna...
EUVD-2014-5232
Malware in sbrugna...
EUVD-2013-5581
Malware in sbrugna...
EUVD-2024-47197
Malicious code in bioql PyPI...
EUVD-2025-16618
Malicious code in bioql PyPI...
wx-shop 代码注入漏洞
wx-shop is a WeChat applet simple mall by the individual developer Feng Zhihui 495300897. A code injection vulnerability exists in wx-shop, which stems from a misbehavior in file/user/editUI that results in cross-site scripting...
CVE-2025-5877
A vulnerability, which was classified as problematic, has been found in Fengoffice Feng Office 3.2.2.1. Affected by this issue is some unknown functionality of the file /application/models/ApplicationDataObject.class.php of the component Document Upload Handler. The manipulation leads to xml...
PT-2025-24433 · Unknown · Feng Office
Name of the Vulnerable Software and Affected Versions: Fengoffice Feng Office version 3.2.2.1 Description: A problematic issue has been found in the Document Upload Handler component, specifically affecting some unknown functionality of the file /application/models/ApplicationDataObject.class.php...
Feng Office 代码问题漏洞
Feng Office formerly known as OpenGoo is an open source online office system by the Feng Office team. The system provides task management, schedule management, document management and Email sending and receiving functions. A code issue vulnerability exists in Feng Office version 3.2.2.1, which...
CVE-2025-5433
A vulnerability was found in Fengoffice Feng Office 3.5.1.5 and classified as critical. Affected by this issue is some unknown functionality of the file /index.php?c=account=settimezone. The manipulation of the argument tzoffset leads to sql injection. The attack may be launched remotely. The...
CVE-2025-5433
A vulnerability was found in Fengoffice Feng Office 3.5.1.5 and classified as critical. Affected by this issue is some unknown functionality of the file /index.php?c=account&a=settimezone. The manipulation of the argument tzoffset leads to sql injection. The attack may be launched remotely. The...
CVE-2025-5433
CVE-2025-5433 affects Fengoffice Feng Office 3.5.1.5. The vulnerability is an SQL injection in the endpoint /index.php?c=account&a=set_timezone, caused by manipulation of the tz_offset parameter. It is exploitable remotely and the exploit has been publicly disclosed. Multiple sources corroborate ...
Feng Office 注入漏洞
Feng Office formerly known as OpenGoo is an open source online office system by the Feng Office team. The system provides task management, schedule management, document management and Email sending and receiving functions. An injection vulnerability exists in Feng Office version 3.5.1.5, which...
PT-2025-23472 · Feng Office · Feng Office
Name of the Vulnerable Software and Affected Versions: Fengoffice Feng Office version 3.5.1.5 Description: A critical issue was found in Fengoffice Feng Office, affecting some unknown functionality of the file "/index.php?c=account&a=set timezone". The manipulation of the tz offset argument leads...