7 matches found
QiHang Media Web Digital Signage 3.0.9 - Remote Code Execution (Unauthenticated)
Exploit Title: QiHang Media Web Digital Signage 3.0.9 - Remote Code Execution Unauthenticated Date: 2020-08-12 Exploit Author: LiquidWorm Vendor Homepage: http://www.howfor.com Tested on: Microsoft Windows Server 2012 R2 Datacenter CVE : N/A...
QiHang Media Web Digital Signage 3.0.9 Remote Code Execution Vulnerability
Exploit for hardware platform in category web applications function uploadShellPoC var xhr = new XMLHttpRequest; xhr.open"POST", "http://192.168.1.74:8090/QH.aspx", true; xhr.s...
QiHang Media Web Digital Signage 3.0.9 Arbitrary File Disclosure
QiHang Media Web QH.aspx Digital Signage 3.0.9 Arbitrary File Disclosure Vulnerability Vendor: Shenzhen Xingmeng Qihang Media Co., Ltd. Guangzhou Hefeng Automation Technology Co., Ltd. Product web page: http://www.howfor.com Affected version: 3.0.9.0 Summary: Digital Signage Software. Desc: The...
QiHang Media Web Digital Signage 3.0.9 Arbitrary File Deletion
QiHang Media Web QH.aspx Digital Signage 3.0.9 Unauthenticated Arbitrary File Deletion Vendor: Shenzhen Xingmeng Qihang Media Co., Ltd. Guangzhou Hefeng Automation Technology Co., Ltd. Product web page: http://www.howfor.com Affected version: 3.0.9.0 Summary: Digital Signage Software. Desc: Input...
QiHang Media Web (QH.aspx) Digital Signage 3.0.9 Arbitrary File Disclosure Vulnerability
Summary Digital Signage Software. Description The application suffers from an unauthenticated file disclosure vulnerability when input passed thru the 'filename' parameter when using the download action or thru 'path' parameter when using the getAll action is not properly verified before being...
SQL Injection Vulnerability in ab***.php of Shanghai Enterprise Torch Advertising Media Co.
Ltd. is committed to providing all kinds of enterprises and institutions with network domain name registration, web hosting rental, website construction and maintenance, website promotion and publicity, website revision and translation, enterprise post office, network payment, system integration,...
SQL injection vulnerability in sh***.php page of website building system of Hainan Creative Future Culture Media Co.
Hainan Creative Future Culture Media Co., Ltd. is an excellent media enterprise engaged in brand one-stop service e-commerce advertising consulting services. There is a SQL injection vulnerability in the sh.php page of the website system of Hainan Creative Future Culture Media Co., Ltd. that can ...