318 matches found
CVE-2026-2665
A vulnerability was detected in huanzi-qch base-admin up to 57a8126bb3353a004f3c7722089e3b926ea83596. Impacted is the function Upload of the file SysFileController.java of the component JSP Parser. Performing a manipulation of the argument File results in unrestricted upload. The attack can be...
CVE-2026-2665 huanzi-qch base-admin JSP Parser SysFileController.java upload unrestricted upload
A vulnerability was detected in huanzi-qch base-admin up to 57a8126bb3353a004f3c7722089e3b926ea83596. Impacted is the function Upload of the file SysFileController.java of the component JSP Parser. Performing a manipulation of the argument File results in unrestricted upload. The attack can be...
Yonyou KSOA SQL injection vulnerability
Yonyou KSOA is an enterprise-level management software developed by Yonyou Corporation in China. Version 9.0 of Yonyou KSOA contains a SQL injection vulnerability, which stems from incorrect handling of the parameter “catalogid” in the file/kmc/savecatalog.jsp. This vulnerability may lead to SQL...
CVE-2026-1122 Yonyou KSOA HTTP GET Parameter work_info.jsp sql injection
A vulnerability was determined in Yonyou KSOA 9.0. This impacts an unknown function of the file /worksheet/workinfo.jsp of the component HTTP GET Parameter Handler. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly...
CVE-2024-58298 Compuware iStrobe Web 20.13 Pre-Auth Remote Code Execution via File Upload
Compuware iStrobe Web 20.13 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to upload malicious JSP files through a path traversal in the file upload form. Attackers can exploit the 'fileName' parameter to upload a web shell and execute...
CVE-2024-58298 Compuware iStrobe Web 20.13 Pre-Auth Remote Code Execution via File Upload
Compuware iStrobe Web 20.13 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to upload malicious JSP files through a path traversal in the file upload form. Attackers can exploit the 'fileName' parameter to upload a web shell and execute...
Exploit for CVE-2020-1938
Ghostcat Scanner - CVE-2020-1938 A powerful Python exploit to...
SAP NetWeaver AS Java DoS (December 2025)
The version of SAP NetWeaver Application Server for Java detected on the remote host is affected by a denial of service vulnerability as disclosed in the SAP Security Patch Day December 2025: - SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to...
OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability
OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via viewedit.shtm...
EUVD-2002-2325
Malware in sbrugna...
EUVD-2015-4182
Malware in sbrugna...
EUVD-2005-4798
Malware in sbrugna...
EUVD-2014-3149
Malware in sbrugna...
EUVD-2016-6463
Malware in sbrugna...
EUVD-2007-4148
Malware in sbrugna...
EUVD-2019-1078
Malware in sbrugna...
EUVD-2005-0426
Malware in sbrugna...
EUVD-2015-2715
Malware in sbrugna...
EUVD-2002-0925
Malware in sbrugna...
EUVD-2002-0926
Malware in sbrugna...