11 matches found
EUVD-2024-33940
Malicious code in bioql PyPI...
CVE-2024-11662
A vulnerability was found in welliamcao OpsManage 3.0.1/3.0.2/3.0.3/3.0.4/3.0.5. It has been rated as critical. This issue affects the function deployhostvars of the file /apps/api/views/deployapi.py of the component API Endpoint. The manipulation leads to deserialization. The attack may be...
CVE-2024-11662
A vulnerability was found in welliamcao OpsManage 3.0.1/3.0.2/3.0.3/3.0.4/3.0.5. It has been rated as critical. This issue affects the function deployhostvars of the file /apps/api/views/deployapi.py of the component API Endpoint. The manipulation leads to deserialization. The attack may be...
CVE-2024-11662 welliamcao OpsManage API Endpoint deploy_api.py deploy_host_vars deserialization
A vulnerability was found in welliamcao OpsManage 3.0.1/3.0.2/3.0.3/3.0.4/3.0.5. It has been rated as critical. This issue affects the function deployhostvars of the file /apps/api/views/deployapi.py of the component API Endpoint. The manipulation leads to deserialization. The attack may be...
CVE-2024-11662 welliamcao OpsManage API Endpoint deploy_api.py deploy_host_vars deserialization
A vulnerability was found in welliamcao OpsManage 3.0.1/3.0.2/3.0.3/3.0.4/3.0.5. It has been rated as critical. This issue affects the function deployhostvars of the file /apps/api/views/deployapi.py of the component API Endpoint. The manipulation leads to deserialization. The attack may be...
CVE-2024-11662
CVE-2024-11662 affects welliamcao OpsManage, specifically the deploy_host_vars function in /apps/api/views/deploy_api.py of the API Endpoint. A deserialization vulnerability exists in versions 3.0.1–3.0.5 that can be exploited remotely; exploitation details have been publicly disclosed. Connected...
OpsManage 代码问题漏洞
OpsManage is a code deployment, application deployment, scheduled tasks, and device asset management platform by William.Cao Personal Developer. A code issue vulnerability exists in OpsManage. An attacker exploiting this vulnerability could cause data deserialization. The following versions are...
PT-2024-17172 · Welliamcao · Ops Manager
Name of the Vulnerable Software and Affected Versions: welliamcao OpsManage versions 3.0.1 through 3.0.5 Description: A critical issue affects the deploy host vars function of the /apps/api/views/deploy api.py file in the API Endpoint component. This issue leads to deserialization and can be...
Path Traversal in welliamcao/opsmanage
漏洞 README.md文件中的nginx配置存在安全漏洞,导致恶意攻击者可以任意读取项目中的文件。 POC 对于github上的demo地址,一种可行的攻击方式为: http://42.194.214.22:8000/static../ 可以看到读取到整个项目的文件。如果用户对该项目进行过二开,并在init.sql,conf/中写入了一些敏感信息,可能造成较大危害 影响 攻击者可以读取项目目录下任意文件...
Command execution vulnerability exists in OpsManage (CNVD-2020-31455)
OpsManage is a management platform for performing device assets, code deployment, application deployment, and scheduled tasks. OpsManage suffers from a command execution vulnerability that can be exploited by an attacker to gain server administrative privileges...
Command Execution Vulnerability in OpsManage
OpsManage is a management platform for performing device assets, code deployment, application deployment, and scheduled tasks. OpsManage suffers from a command execution vulnerability that can be exploited by an attacker to gain server administrative privileges...