Lucene search
K

40 matches found

Prion
Prion
added 2023/07/20 10:15 p.m.23 views

Design/Logic Flaw

A vulnerability, which was classified as critical, was found in Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712. This affects an unknown part of the file /Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx. The manipulation of...

5.2CVSS8.6AI score0.00759EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/07/20 12:0 a.m.11 views

PT-2023-26217 · Gen Technology · Gen Technology Four Mountain Torrent Disaster Prevention/Control Of Monitoring/Early Warning System

Name of the Vulnerable Software and Affected Versions: Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712 Description: A critical issue was found in the system, affecting the /Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx...

8.8CVSS5.6AI score0.00759EPSS
Exploits1References4
OSV
OSV
added 2023/07/11 6:15 p.m.3 views

CVE-2023-3626

A vulnerability, which was classified as critical, has been found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. This issue affects some unknown processing of the file /Duty/AjaxHandle/UpLoadFloodPlanFile.ashx of the component...

9.8CVSS5.3AI score0.00957EPSS
Exploits1References3
Prion
Prion
added 2023/07/11 6:15 p.m.18 views

Out-of-bounds

A vulnerability classified as critical was found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. This vulnerability affects unknown code of the file /Duty/AjaxHandle/Write/UploadFile.ashx of the component Duty Write-UploadFile. The manipulation ...

6.5CVSS9.4AI score0.00957EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/11 12:0 a.m.4 views

PT-2023-25494 · Suncreate · Suncreate Mountain Flood Disaster Prevention Monitoring/Early Warning System

Name of the Vulnerable Software and Affected Versions: Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706 Description: A critical issue was discovered, affecting the /Duty/AjaxHandle/Write/UploadFile.ashx file of the Duty Write-UploadFile component. Th...

9.8CVSS6.4AI score0.00957EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/07/11 12:0 a.m.15 views

PT-2023-25490 · Suncreate · Suncreate Mountain Flood Disaster Prevention Monitoring/Early Warning System

Name of the Vulnerable Software and Affected Versions: Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System versions up to 20230704 Description: A critical issue affects some unknown functionality of the file /Duty/AjaxHandle/UploadHandler.ashx of the component Duty...

9.8CVSS6.6AI score0.00909EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/07/11 12:0 a.m.5 views

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 代码问题漏洞

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System is a flash flood prevention monitoring and early warning system from Suncreate. A code issue vulnerability exists in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 20230706 and earli...

9.8CVSS7AI score0.00957EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/07/11 12:0 a.m.4 views

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 代码问题漏洞

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System is a flash flood prevention monitoring and early warning system from Suncreate. A code issue vulnerability exists in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 20230706 and earli...

9.8CVSS7AI score0.00957EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2023/05/22 12:0 a.m.12 views

The vulnerabilities of the ObjectManager plugin and ProfileInformation.ProfileData components of the PLACODESYS Development System application programming interface allow attackers to execute arbitrary commands.

The vulnerability of the ObjectManager plugin and ProfileInformation.FileData components of the PLCODESYS Development System application programming interface is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability can allow an attacker to execute arbitrary...

7.8CVSS7.8AI score0.01671EPSS
Exploits1References6Affected Software3
OSV
OSV
added 2023/05/11 8:15 a.m.6 views

CVE-2023-2648

A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the argument Filedata leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit h...

9.8CVSS6.2AI score0.28478EPSS
Exploits3References3
CNNVD
CNNVD
added 2023/05/11 12:0 a.m.20 views

Weaver E-Office 代码问题漏洞

Weaver E-Office is a collaborative office system from China's Panavision Technologies Weaver. A code issue vulnerability exists in Weaver E-Office version 9.5, which stems from a problem with the file /inc/jquery/uploadify/uploadify.php, where manipulation of the parameter Filedata can result in...

9.8CVSS6.9AI score0.28478EPSS
Exploits3References4
Positive Technologies
Positive Technologies
added 2023/05/11 12:0 a.m.14 views

PT-2023-20671 · Unknown +1 · Weaver E-Office +1

Name of the Vulnerable Software and Affected Versions: Weaver E-Office version 9.5 Description: A critical issue has been found, affecting an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the Filedata argument leads to unrestricted upload. It is possible to...

9.8CVSS7AI score0.28478EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.19 views

Rockwellautomation Drivetools Uncontrolled Search Path Element

Rockwell Automation DriveTools SP v5.13 and below and Drives AOP v4.12 and below both contain a vulnerability that a local attacker with limited privileges may be able to exploit resulting in privilege escalation and complete control of the system. File data ot500449.nasl...

7.2CVSS3AI score0.00434EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/12/18 12:0 a.m.48 views

Citrix and NetScaler SD-WAN Center Unauthenticated Directory Traversal File Write

The remote Citrix SD-WAN Center or NetScaler SD-WAN Center is susceptible to directory traversal and file writes in arbitrary locations. This is due to improper sanitization of user-supplied input in the applianceSettingsFileTransfer action of ApplianceSettingsController. An unauthenticated, remo...

10CVSS8.8AI score0.39335EPSS
Exploits1References3
Prion
Prion
added 2017/02/24 10:59 p.m.14 views

Heap overflow

When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data...

7.5CVSS9.8AI score0.0234EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2012/06/10 12:0 a.m.35 views

XoopsCube Shell Upload

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2008/01/31 7:30 p.m.30 views

CVE-2008-0503

Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter...

7.8AI score0.23182EPSS
Exploits1References4
seebug.org
seebug.org
added 2008/01/30 12:0 a.m.20 views

Smart Publisher 1.0.1 (disp.php) Remote Code Execution Vulnerability

No description provided by source. Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/admin/op/disp.php'In Line '3' eval"$v=".base64decode$filedata.";"; - Vuln...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/01/29 12:0 a.m.13 views

Smart Publisher 1.0.1 - filedata Remote Code Execution

Smart Publisher 1.0.1 - filedata Remote Code Execution Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/adm...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/29 12:0 a.m.40 views

Smart Publisher 1.0.1 - 'filedata' Remote Code Execution

Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/admin/op/disp.php'In Line '3'...

7.4AI score
Exploits0
Rows per page
Query Builder