EUVD-2020-17634

Malware in sbrugna...

CVE-2024-13109

A vulnerability was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. It has been rated as critical. This issue affects some unknown processing of the file /doc.html. The manipulation leads to improper authorization. The attack may be initiated remotely. The...

CVE-2025-2147

A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to files or directories accessible. It is possible to launch the attack...

CVE-2024-13111 Beijing Yunfan Internet Technology Yunfan Learning Examination System JWT Token SysUserControl improper authentication

A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/com/yf/exam/modules/sys/user/controller/SysUserControl of the component JWT Token...

CVE-2024-13110

Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2 is affected by CVE-2024-13110 due to an unknown function in src/main/java/com/yf/exam/modules/paper/controller/PaperController.java (Exam Answer Handler) that leads to information disclosure. Existence of remote-access ex...

CVE-2024-13109

A vulnerability was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. It has been rated as critical. This issue affects some unknown processing of the file /doc.html. The manipulation leads to improper authorization. The attack may be initiated remotely. The...

Information disclosure

An issue in Beijing Yunfan Internet Technology Co., Ltd, Yunfan Learning Examination System v.6.5 allows a remote attacker to obtain sensitive information via the password parameter in the login function...

CVE-2023-46963

CVE-2023-46963 affects Yunfan Learning Examination System v6.5 from Beijing Yunfan Internet Technology Co.; reported as an information disclosure via the login password parameter. The vulnerability is described as allowing a remote attacker to obtain sensitive data during login. Public details in...

CVE-2023-46963

An issue in Beijing Yunfan Internet Technology Co., Ltd, Yunfan Learning Examination System v.6.5 allows a remote attacker to obtain sensitive information via the password parameter in the login function...

Command Execution Vulnerability in WoSmart Top Shop Mall System

Zhejiang WoSmith Information Technology Co., Ltd. is a technology company specializing in mobile Internet technology development. There is a command execution vulnerability in WoSmith's list store mall system, which can be exploited by an attacker to gain control of the server...

On the Radar: Securing Web 3.0, the Metaverse and beyond

By Jaeson Schultz. Internet technology evolves rapidly, and the World Wide Web WWW or Web is currently experiencing a transition into what many are calling "Web 3.0". Web 3.0 is a nebulous term. If you spend enough time Googling it, you'll find many interpretations regarding what Web 3.0... This ...

Stored XSS Vulnerability in the Smart Gateway Configuration Platform of Beijing Bibi Technology Co.

Ltd. is a company with professional Wi-Fi technology, which is committed to combining Internet technology with traditional industries to help industry customers embrace the Internet and create new value for traditional industries. There is a stored XSS vulnerability in the Smart Gateway...

Shenzhen Tengxu IOT Technology Co., Ltd. behavioral management system has SQL injection vulnerability

Shenzhen Tengxu IOT Technology Co., Ltd. was founded in August 2013, is a collection of commercial wireless network product research and development design, manufacturing, sales and service as one of the Internet technology companies. Shenzhen Tengfox IOT Technology Co., Ltd. behavioral managemen...

Qingdao Kechuang Internet Technology Co., Ltd. website building system suffers from sql injection vulnerability

Ltd. is a high-tech science and technology enterprise integrating software development, website construction, system integration, mobile APP development, mobile online shopping mall, and Internet application service. Qingdao Kechuang Internet Technology Co., Ltd. website construction system there...

Beijing Yunfan Internet Technology Co., Ltd. online learning test system has SQL injection vulnerability

Online learning test system is a multi-role online training test system, the system integrates user management, role management, departmental management, question bank management, test management, test question import and export, test management, online test, wrong training and other functions, t...

Beijing Yunfan Internet Technology Co., Ltd. training and examination system has logical flaws and loopholes

Beijing Yunfan Internet Technology Co., Ltd. business scope includes: technology development, technology promotion, technology transfer, technology consulting, technical services and so on. Beijing Yunfan Internet Technology Co., Ltd. training and examination system exists logic flaws...

XML Entity Injection Vulnerability in Training and Exam System of Beijing Yunfan Internet Technology Co.

Beijing Yunfan Internet Technology Co., Ltd. business scope includes: technology development, technology promotion, technology transfer, technology consulting, technical services and so on. Beijing Yunfan Internet Technology Co., Ltd. training and examination system exists XML entity injection...

Gopher <= 3.0.9 (+VIEWS) Remote (Client Side) Buffer Overflow Exploit

No description provided by source. / gopherv3.0.9+: remote client buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xgopher-client.c -o xgopher-client syntax: ./xgopher-client port bindshell port The Internet Gopher Client is based on the UMN Gopher/Gopherd 2.3....

AuraCMS 1.62 - stat.php Remote Code Execution

AuraCMS 1.62 - stat.php Remote Code Execution !/usr/bin/perl Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 1.62 - stat.php Remote Code Execution Exploit Waktu : Jan 16 2008 10:00PM Software : AuraCMS 1.62 AuraCMS Mod Block Statistik |...