12 matches found
EUVD-2024-46515
Malicious code in bioql PyPI...
Baidu.com Windows Client Remote Command Execution Vulnerability
BaiduNetdisk is a cloud-based platform that provides file storage, synchronization and sharing services. Users can store their personal files through BaiduNetdisk and can share files by linking or inviting others. BaiduNetdisk also provides a file synchronization feature that allows...
CVE-2024-5279
A vulnerability was found in Qiwen Netdisk up to 1.4.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component File Rename Handler. The manipulation with the input leads to cross site scripting. The attack can be launched remotely. The...
CVE-2024-5279
A vulnerability was found in Qiwen Netdisk up to 1.4.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component File Rename Handler. The manipulation with the input leads to cross site scripting. The attack can be launched remotely. The...
CVE-2024-5279 Qiwen Netdisk File Rename cross site scripting
A vulnerability was found in Qiwen Netdisk up to 1.4.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component File Rename Handler. The manipulation with the input leads to cross site scripting. The attack can be launched remotely. The...
CVE-2024-5279
The CVE-2024-5279 entry affects Qiwen Netdisk up to version 1.4.0, with a vulnerability in the File Rename Handler that allows stored cross-site scripting via a crafted file name. The attack vector is network-based and can be triggered remotely; it uses an input such as , and the vulnerability is...
CVE-2024-5279 Qiwen Netdisk File Rename cross site scripting
A vulnerability was found in Qiwen Netdisk up to 1.4.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component File Rename Handler. The manipulation with the input leads to cross site scripting. The attack can be launched remotely. The...
Qiwen Netdisk cross-site scripting vulnerability
Qiwen Netdisk is a simple and convenient netdisk file storage solution from Qiwen, a Chinese company. A cross-site scripting vulnerability exists in Qiwen Netdisk version 1.4.0 and earlier, which stems from a stored cross-site scripting (XSS) vulnerability in the file renaming feature in qiwen-file...
Baidu Netdisk code issue vulnerability
Baidu Netdisk (百度网盘) is a personal cloud storage service software from the Chinese company Baidu. A security vulnerability exists in Baidu Netdisk 7.4.3 and earlier versions, which stems from an untrusted search path vulnerability that allows an attacker to gain privileges via a Trojan horse DLL in...
CVE-2017-9846
Winmail Server 6.1 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php movefolderfile call to move a .php file from the FTP folder into a web folder...
U-mail Mail Service system to the latest version 3 SQL injection vulnerability package-vulnerability warning-the black bar safety net
Injection point 1: \client\mail\module\views.php: if ( ACTION == "mail-compose" ) { $draftmail = gss( $_GET['draft'] ); $forwardmail = gss( $_GET['forward'] ); $replymail = gss( $_GET['reply'] ); $mailbox = gss( $_GET['mailbox'] ); $writeagain = gss( $_GET['writeagain'] ); $issendfile = gss( $_GET['sendfile'] ); $isshare ...
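Anymacro mail system latest version SQL injection vulnerability
Brief description: The vendor keeps replying that it is not the latest version, so now I will dig out a few in the latest version, thanks... Details: 0x001 Anymacro is a fairly popular enterprise-grade mail system in China; its customers are mainly educational and government institutions. The SQL injection found today affects all Anymacro mail systems. 0x002 Vulnerability analysis: this was black-box testing... The vulnerable point is in the netdisk feature: when downloading an attachment from it, the parameter is not checked, which results in a SQL injection vulnerability https://mail.xxx.com/down.php?netdisk=1...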