5 matches found
Open Redirect in extension "Hairu" (hairu)
The extension fails to validate user input for the parameter “redirecturl”, which allows a redirect to an arbitrary URL after a successful user login...
HAIRUICMS v2.1.4 Arbitrary File Upload Vulnerability in upprocess.asp File
HAIRUICMS HAIRUICMS is developed by HAIRUICMS based on Microsoft ASP and general ACCESS/MSSQL database. HAIRUICMS v2.1.4 upprocess.asp file has an arbitrary file upload vulnerability. An attacker can exploit the vulnerability to directly upload a script Trojan and obtain a webshell...
File Renaming Vulnerability in HAIRUICMS v2.1.4 /FileManage/fsorename.asp File
HAIRUICMS HAIRUICMS is developed by HAIRUICMS based on Microsoft ASP and general ACCESS/MSSQL database. A file renaming vulnerability exists in the HAIRUICMS v2.1.4 /FileManage/fsorename.asp file. The vulnerability is caused by not filtering the file name suffix, resulting in the image can be...
Code Execution Vulnerability in HAIRUICMS v2.1.4 Site.asp File
HAIRUICMS HAIRUICMS is developed by HAIRUICMS based on Microsoft ASP and general ACCESS/MSSQL database. A code execution vulnerability exists in the HAIRUICMS v2.1.4 Site.asp file. The vulnerability is due to the incoming parameters are not filtered directly spliced into the configuration file, t...
HAIRUICMS v2.1.4 Database Backup Vulnerability in DataM.asp File
HAIRUICMS HAIRUICMS is developed by HAIRUICMS based on Microsoft ASP and general ACCESS/MSSQL database. A database backup vulnerability exists in the HAIRUICMS v2.1.4 DataM.asp file. The vulnerability is caused by not filtering both the database path to be backed up and the backup storage path,...