XCMS 代码问题漏洞

XCMS is a CMS website builder system by JackQ individual developers. A code issue vulnerability exists in XCMS, which stems from an incorrect operation of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php, which could lead to unlimited uploads...

CVE-2025-10359 Wavlink WL-WN578W2 wireless.cgi sub_404DBC os command injection

A vulnerability was detected in Wavlink WL-WN578W2 221110. This impacts the function sub404DBC of the file /cgi-bin/wireless.cgi. The manipulation of the argument macAddr results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor wa...

Mobilya Scripti 2 Shell Upload

Exploit Title: Mobilya Scripti v2 File Upload 2. Google Dork: intext:Lütfen sadece .doc yada .pdf uzantılı dosya gönderin. 3. Date: 10.4.2016 4. Exploit Author: [email protected] 5. Vendor Homepage: http://www.hazirscriptler.web.tr/mobilya-scripti-php-v2 6. Version: v2 7. Tested...

DEBIAN-CVE-2012-4530

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

suse: sdbsearch.cgi vulnerability

Hello, I found weakness in sdbsearch.cgi script which is a part of Suse distribution. This is perl script and since Suse 7.1 they have introduced some form of protection interpreter is called with tainting checking. However, I think it isn't enough and this bug still may produce danger...