40 matches found
Design/Logic Flaw
A vulnerability, which was classified as critical, was found in Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712. This affects an unknown part of the file /Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx. The manipulation of...
PT-2023-26217 · Gen Technology · Gen Technology Four Mountain Torrent Disaster Prevention/Control Of Monitoring/Early Warning System
Name of the Vulnerable Software and Affected Versions: Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712 Description: A critical issue was found in the system, affecting the /Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx...
CVE-2023-3626
A vulnerability, which was classified as critical, has been found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. This issue affects some unknown processing of the file /Duty/AjaxHandle/UpLoadFloodPlanFile.ashx of the component...
Out-of-bounds
A vulnerability classified as critical was found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. This vulnerability affects unknown code of the file /Duty/AjaxHandle/Write/UploadFile.ashx of the component Duty Write-UploadFile. The manipulation ...
PT-2023-25494 · Suncreate · Suncreate Mountain Flood Disaster Prevention Monitoring/Early Warning System
Name of the Vulnerable Software and Affected Versions: Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706 Description: A critical issue was discovered, affecting the /Duty/AjaxHandle/Write/UploadFile.ashx file of the Duty Write-UploadFile component. Th...
PT-2023-25490 · Suncreate · Suncreate Mountain Flood Disaster Prevention Monitoring/Early Warning System
Name of the Vulnerable Software and Affected Versions: Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System versions up to 20230704 Description: A critical issue affects some unknown functionality of the file /Duty/AjaxHandle/UploadHandler.ashx of the component Duty...
Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 代码问题漏洞
Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System is a flash flood prevention monitoring and early warning system from Suncreate. A code issue vulnerability exists in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 20230706 and earli...
Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 代码问题漏洞
Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System is a flash flood prevention monitoring and early warning system from Suncreate. A code issue vulnerability exists in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 20230706 and earli...
The vulnerabilities of the ObjectManager plugin and ProfileInformation.ProfileData components of the PLACODESYS Development System application programming interface allow attackers to execute arbitrary commands.
The vulnerability of the ObjectManager plugin and ProfileInformation.FileData components of the PLCODESYS Development System application programming interface is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability can allow an attacker to execute arbitrary...
CVE-2023-2648
A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the argument Filedata leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit h...
Weaver E-Office 代码问题漏洞
Weaver E-Office is a collaborative office system from China's Panavision Technologies Weaver. A code issue vulnerability exists in Weaver E-Office version 9.5, which stems from a problem with the file /inc/jquery/uploadify/uploadify.php, where manipulation of the parameter Filedata can result in...
PT-2023-20671 · Unknown +1 · Weaver E-Office +1
Name of the Vulnerable Software and Affected Versions: Weaver E-Office version 9.5 Description: A critical issue has been found, affecting an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the Filedata argument leads to unrestricted upload. It is possible to...
Rockwellautomation Drivetools Uncontrolled Search Path Element
Rockwell Automation DriveTools SP v5.13 and below and Drives AOP v4.12 and below both contain a vulnerability that a local attacker with limited privileges may be able to exploit resulting in privilege escalation and complete control of the system. File data ot500449.nasl...
Citrix and NetScaler SD-WAN Center Unauthenticated Directory Traversal File Write
The remote Citrix SD-WAN Center or NetScaler SD-WAN Center is susceptible to directory traversal and file writes in arbitrary locations. This is due to improper sanitization of user-supplied input in the applianceSettingsFileTransfer action of ApplianceSettingsController. An unauthenticated, remo...
Heap overflow
When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data...
XoopsCube Shell Upload
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
CVE-2008-0503
Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter...
Smart Publisher 1.0.1 (disp.php) Remote Code Execution Vulnerability
No description provided by source. Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/admin/op/disp.php'In Line '3' eval"$v=".base64decode$filedata.";"; - Vuln...
Smart Publisher 1.0.1 - filedata Remote Code Execution
Smart Publisher 1.0.1 - filedata Remote Code Execution Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/adm...
Smart Publisher 1.0.1 - 'filedata' Remote Code Execution
Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/admin/op/disp.php'In Line '3'...