21 matches found
CVE-2026-10075 Interinfo|DreamMaker - Path Traversal
DreamMaker developed by Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote attackers to read file names under arbitrary path by exploiting an Absolute Path Traversal vulnerability...
CVE-2026-10074
CVE-2026-10074 : DreamMaker (Interinfo) is affected by an Arbitrary File Read vulnerability that enables a privileged local attacker to perform a Relative Path Traversal to download arbitrary system files. The issue is described across multiple sources as a file-read exposure with a potential con...
Interinfo DreamMaker 代码问题漏洞
Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Interinfo DreamMaker has a code vulnerability that stems from arbitrary file uploads. This vulnerability could allow a privileged remote attacker to upload and execute a Web shell backdoor, thereby enabling...
Interinfo DreamMaker 安全漏洞
Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Interinfo DreamMaker has a security vulnerability, which stems from relative path traversal. This vulnerability could allow privileged local attackers to download arbitrary system files...
Interinfo DreamMaker 代码问题漏洞
Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Interinfo DreamMaker has a code vulnerability that stems from arbitrary file uploads. This vulnerability could allow unauthenticated remote attackers to upload and execute a Web shell backdoor, thereby enabling...
Interinfo DreamMaker 安全漏洞
Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Interinfo DreamMaker has a security vulnerability, which stems from absolute path traversal. This vulnerability could allow unauthenticated remote attackers to read file names from any path...
Interinfo DreamMaker 安全漏洞
Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Interinfo DreamMaker has a security vulnerability, which stems from relative path traversal. This vulnerability could allow unauthenticated local attackers to download arbitrary system files...
CVE-2026-24728
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
CVE-2026-24728
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
CVE-2026-24729
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
EUVD-2026-5017
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
CVE-2026-24729 Interinfo DreamMaker - Unrestricted Upload of File with Dangerous Type
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
CVE-2026-24729 Interinfo DreamMaker - Unrestricted Upload of File with Dangerous Type
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...
CVE-2026-24729
An unrestricted upload of file with dangerous type vulnerability exists in Interinfo DreamMaker’s file upload function, affecting versions before 2025/10/22. The root cause is an insufficient validation of uploaded files, enabling remote attackers to execute arbitrary system commands via a malici...
EUVD-2026-5016
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
CVE-2026-24728
The vulnerability CVE-2026-24728 affects Interinfo DreamMaker, specifically the /servlet/baServer3 endpoint. A missing authentication for a critical function allows remote attackers to access exposed administrative functionality without prior authentication in DreamMaker versions before 2025/10/2...
PT-2026-5377
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
CVE-2024-11978
DreamMaker from Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files...
CVE-2024-11978
CVE-2024-11978 affects DreamMaker from Interinfo and is described as a Path Traversal vulnerability that allows unauthenticated remote attackers to read arbitrary system files. The initial entry notes a CVSS v3.1 base score of 7.5 (Network, Privileges None, User Interaction None, Confidentiality ...
CVE-2024-11978 Interinfo DreamMaker - Arbitrary File Reading through Path Traversal
DreamMaker from Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files...