57 matches found
CVE-2024-37728
Arbitrary File Read vulnerability in Xi'an Daxi Information Technology Co., Ltd OfficeWeb365 v.7.18.23.0 and v8.6.1.0 allows a remote attacker to obtain sensitive information via the "Pic/Indexes" interface...
CVE-2024-37679
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp parameter...
CVE-2024-37678
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script...
CVE-2024-37678
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script...
CVE-2024-37678
CVE-2024-37678 describes a Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v8.0 and earlier. The flaw allows a remote attacker to execute arbitrary code via a crafted script. The affected product is Finesoft (version 8.0 and before); the underlying...
Command Execution Vulnerability in Micro Service Platform of Puyuan Information Technology Co.
Puyuan Information Technology Co., Ltd. is a professional provider of software infrastructure platform middleware in China, mainly providing innovative and reliable software infrastructure platform products and corresponding technical services for customers in the financial, governmental affairs,...
Mitsubishi Electric FA Engineering Software Products
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Mitsubishi Electric Equipment : FA Engineering Software Products Vulnerability : External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious...
Unauthorized Access Vulnerability in LiveSMS of Anhui Green Persimmon Information Technology Co.
Anhui Green Persimmon Information Technology Co., Ltd. is a company whose business scope includes: computer software and hardware development and sales, technical services, technical consulting, technology transfer; web page design; Internet information services and so on. There is an unauthorize...
Unauthorized Access Vulnerability in LiveNVS of Anhui Green Persimmon Information Technology Co.
LiveNVS is a solution dedicated to centralized management of LiveNVRs.... Anhui Green Persimmon Information Technology Co. LiveNVS has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information...
Command Execution Vulnerability in Wisdom Optical IPTV Gateway of Shenzhen Wisdom Optical Information Technology Co.
Shenzhen Wisdom Optical Xun Information Technology Co., Ltd. is an emerging high-tech company integrating R&D, production and sales. Shenzhen Wisdom Optical Information Technology Co., Ltd Wisdom Optical IPTV Gateway has a command execution vulnerability that can be exploited by an attacker to ga...
Unauthorized Access Vulnerability in SRM Cloud Platform of Shanghai Zhenyun Information Technology Co.
Shanghai Zhenyun Information Technology Co., Ltd. is a domestic procurement digital management platform provider. An unauthorized access vulnerability exists in the SRM cloud platform of Shanghai Zhenyun Information Technology Co., Ltd, which can be exploited by attackers to obtain sensitive...
Command Execution Vulnerability in Mingguo Security Gateway of Hangzhou ACE Information Technology Co. Ltd (CNVD-2023-03898)
MingGuard Security Gateway builds a next-generation security protection system with full-process defense and integrates traditional firewall, intrusion detection, intrusion prevention system, anti-virus gateway, Internet behavior control, VPN gateway, threat intelligence, and other security modul...
Ltd. has SQL injection vulnerability in the security management system of Centrin JingYun terminal
Centrin Jing Cloud Terminal Security Management System is an enterprise-level network anti-virus system developed by Beijing Centrin Link Information Technology Co. Ltd. There is a SQL injection vulnerability in the security management system of Centron View Cloud Terminal, which can be exploited...
Command Execution Vulnerability in WoSmart Top Shop Mall System
Zhejiang WoSmith Information Technology Co., Ltd. is a technology company specializing in mobile Internet technology development. There is a command execution vulnerability in WoSmith's list store mall system, which can be exploited by an attacker to gain control of the server...
Logic Flaw Vulnerability in Netnifty's Web Tampering Prevention System
Beijing Netnifty Information Technology Company is a leading enterprise in the domestic information security industry, specializing in the research and development, production and sales of information security products, and providing hierarchical overall security solutions and security profession...
Command Execution Vulnerability in JingYun Terminal Security Management System of Beijing Centron Link Information Technology Co.
Ltd. was established in July 2016, by Beijing Qixingchen Information Security Technology Co., Ltd., Beijing Beixinyuan Software Co., Ltd., Beijing Zhengyong Information Technology Co. Beijing Centron Lead Information Technology Co., Ltd. Jing cloud terminal security management system there is a...
Arbitrary File Download Vulnerability in Centron View Cloud Terminal Security Management System
CentronView Terminal Security Management System is an enterprise-level network anti-virus system developed by Beijing CentronView Information Technology Co. There is an arbitrary file download vulnerability in CentronView Cloud Terminal Security Management System, which can be exploited by...
Logic flaw vulnerability in the security management system of Centron View cloud terminal
CentronView Terminal Security Management System is an enterprise-level network anti-virus system developed by Beijing CentronView Information Technology Co. There is a logic flaw vulnerability in the Centron View Cloud Terminal Security Management System, which can be exploited by attackers to...
Command injection
Command injection vulnerability in Manual Ping Form Web UI in Shenzhen Ejoin Information Technology Co., Ltd. ACOM508/ACOM516/ACOM532 609-915-041-100-020 allows a remote attacker to inject arbitrary code via the field...
CVE-2022-23332
CVE-2022-23332 is a command-injection vulnerability in the Manual Ping Form (Web UI) of Shenzhen Ejoin Information Technology Co., Ltd. for ACOM508/ACOM516/ACOM532 devices (version 609-915-041-100-020). The flaw allows a remote attacker to inject arbitrary code via a field in the Web UI’s Manual ...