CVE-2025-57227

An unquoted service path in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353 allows attackers to escalate privileges via placing a crafted executable file into a parent folder...

EUVD-2025-36694

An unquoted service path in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353 allows attackers to escalate privileges via placing a crafted executable file into a parent folder...

CVE-2025-57227

CVE-2025-57227 affects Kingo ROOT v1.5.8.3353 by Kingosoft Technology Ltd. The vulnerability is an unquoted service path that allows local privilege escalation by placing a crafted executable in the parent folder. Public sources (e.g., PT-2025-44334) suggest updating to a newer Kingo ROOT version...

CVE-2025-57227

An unquoted service path in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353 allows attackers to escalate privileges via placing a crafted executable file into a parent folder...

s2-045 remote command execution vulnerability in KINGOSOFT University Teaching Network Management System of Hunan Qingguo Software Co.

Hunan Qingguo Software Co., Ltd KINGOSOFT college teaching network management system is a technical solution for the construction of digital campus for colleges and universities. Hunan Qingguo Software Co., Ltd. KINGOSOFT university teaching network management system uses Apache Struts xwork as t...

Kingosoft 学生综合管理系统 index_QueryStu.aspx POST注入

0x01漏洞简介 Kingosoft 学生综合管理系统在/xsweb/data/indexQueryStu.aspx对POST参数TextBoxsfzh过滤不严格，导致出现SQL注入漏洞。远程攻击者可以利用该漏洞执行SQL指令。 0x02漏洞证明 http://XXXXX/Xsweb/data/indexQueryStu.aspx 参数TextBoxsfzh存在SQL注入漏洞 0x03修复方案 过滤。...

KINGOSOFT高校网络教学平台一系列严重问题

简要描述： KINGOSOFT高校网络教学平台一系列严重问题 详细说明： KINGOSOFT高校网络教学平台是青果软件的另一产品，发现有严重的安全隐患。 1.文件读取漏洞 这个系统是J2EE开发，我们来访问（实际测试地址不方便放出，因为是学校） http://test.com/testpath/download.jsp?downfile=WEB-INF/web.xml 得到  CASFilter edu.yale.its.tp.cas.client.filter.CASFilter edu.yale.its.tp.cas.client.filter.loginUrl...