Lucene search
K

7 matches found

Exploit DB
Exploit DB
added 2020/08/17 12:0 a.m.247 views

QiHang Media Web Digital Signage 3.0.9 - Remote Code Execution (Unauthenticated)

Exploit Title: QiHang Media Web Digital Signage 3.0.9 - Remote Code Execution Unauthenticated Date: 2020-08-12 Exploit Author: LiquidWorm Vendor Homepage: http://www.howfor.com Tested on: Microsoft Windows Server 2012 R2 Datacenter CVE : N/A...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/08/15 12:0 a.m.310 views

QiHang Media Web Digital Signage 3.0.9 Remote Code Execution Vulnerability

Exploit for hardware platform in category web applications function uploadShellPoC var xhr = new XMLHttpRequest; xhr.open"POST", "http://192.168.1.74:8090/QH.aspx", true; xhr.s...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/08/13 12:0 a.m.281 views

QiHang Media Web Digital Signage 3.0.9 Arbitrary File Disclosure

QiHang Media Web QH.aspx Digital Signage 3.0.9 Arbitrary File Disclosure Vulnerability Vendor: Shenzhen Xingmeng Qihang Media Co., Ltd. Guangzhou Hefeng Automation Technology Co., Ltd. Product web page: http://www.howfor.com Affected version: 3.0.9.0 Summary: Digital Signage Software. Desc: The...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/08/13 12:0 a.m.199 views

QiHang Media Web Digital Signage 3.0.9 Arbitrary File Deletion

QiHang Media Web QH.aspx Digital Signage 3.0.9 Unauthenticated Arbitrary File Deletion Vendor: Shenzhen Xingmeng Qihang Media Co., Ltd. Guangzhou Hefeng Automation Technology Co., Ltd. Product web page: http://www.howfor.com Affected version: 3.0.9.0 Summary: Digital Signage Software. Desc: Input...

0.2AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2020/08/13 12:0 a.m.628 views

QiHang Media Web (QH.aspx) Digital Signage 3.0.9 Arbitrary File Disclosure Vulnerability

Summary Digital Signage Software. Description The application suffers from an unauthenticated file disclosure vulnerability when input passed thru the 'filename' parameter when using the download action or thru 'path' parameter when using the getAll action is not properly verified before being...

5.8AI score
Exploits0
CNVD
CNVD
added 2019/09/24 12:0 a.m.2 views

SQL Injection Vulnerability in ab***.php of Shanghai Enterprise Torch Advertising Media Co.

Ltd. is committed to providing all kinds of enterprises and institutions with network domain name registration, web hosting rental, website construction and maintenance, website promotion and publicity, website revision and translation, enterprise post office, network payment, system integration,...

7.6AI score
Exploits0
CNVD
CNVD
added 2019/01/25 12:0 a.m.3 views

SQL injection vulnerability in sh***.php page of website building system of Hainan Creative Future Culture Media Co.

Hainan Creative Future Culture Media Co., Ltd. is an excellent media enterprise engaged in brand one-stop service e-commerce advertising consulting services. There is a SQL injection vulnerability in the sh.php page of the website system of Hainan Creative Future Culture Media Co., Ltd. that can ...

7.6AI score
Exploits0
Rows per page
Query Builder