11 matches found
Mister Group System Explorer 代码问题漏洞
Mister Group System Explorer is a free system internal exploration and management software from Mister Group, Inc. A security vulnerability exists in Mister Group System Explorer 7.0.0 via a carefully crafted file in the SystemExplorer HelpService executable path...
SQL Injection Vulnerability in SMi CMS Education Group Website Group System
SMi CMS education group station group system is mainly oriented to education group, education bureau of primary and secondary school station group platform. SQL injection vulnerability exists in SMiCMS Education Group Web Group System, which can be exploited by attackers to obtain sensitive...
CVE-2019-3827
An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running unde...
SQL injection vulnerability in the se***.php page of the Leader Mailbox module of the SMiCMS school group system
State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. State Micro CMS school group system leadership mailbox module se.php page SQL injection vulnerability. Attackers can use the vulnerability to...
SQL Injection Vulnerability in the Message Board Module of Guowei CMS School Group System
State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. State Micro CMS school cluster system message board module SQL injection vulnerabilities. Attackers can use the vulnerability to obtain...
SQL Injection Vulnerability in the Universal Forms Module of SMiCMS School Group System
State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. State Micro CMS school station system universal form module SQL injection vulnerability. Attackers can use the vulnerability to obtain...
SQL Injection Vulnerability in SMi CMS School Station Group System v20180314 (CNVD-2018-10728)
State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. State Micro CMS school station group system v20180314 version of the SQL injection vulnerability , attackers can exploit the vulnerability to...
SQL Injection Vulnerability in SMi CMS School Station Group System v20180314 (CNVD-2018-10572)
State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. State Micro CMS school station group system v20180314 version of the SQL injection vulnerability , attackers can exploit the vulnerability to...
A station group system vulnerabilities to cause is the station point all getshell(involving government, schools, businesses and other large sites)-vulnerability warning-the black bar safety net
Brief description: A background 2 0 plurality of the gov,all of the scored Shell Detailed description: IP address: 124.133.2.2 Background address: http://124.133.2.2/siteserver/login.aspx Use the Cookie trick to login Cookie read: BAIRONG. VC. ADMINLOGIN=6 8 8 7; SITESERVER. ADMINISTRATOR...
AIX 5.3 TL 0 : swcons (IZ18339)
A file permission/ownership vulnerability exists in the 'bos.rte.console' fileset command listed below whereby a local attacker may create arbitrary contents within a file owned by root using the 'swcons' command. The local attacker must be a member of the 'system' group gid=0 to execute this...
du.4.0e.var.perms.txt
Date: Sun, 4 Apr 1999 20:31:12 +0300 From: Harhalakis Stefanos To: [email protected] Subject: Digital Unix 4.0E /var permission On Digital Unix 4.0E with the latest patch kit aplied, after a new installation /var has g+w for group system. Anyone that can crack any account with gid==system may...