9 matches found
CVE-2025-61943
The vulnerability, if exploited, could allow an authenticated miscreant Process Optimization Standard User to tamper with queries in Captive Historian and achieve code execution under SQL Server administrative privileges, potentially resulting in complete compromise of the SQL Server...
SQL injection vulnerability in WMCMS Pro da***.my***.php file
WMCMS is based on PHP + MYSQL as the core development, free + open source professional Chinese labeling system. There is a SQL injection vulnerability in the file da.my.php in the professional version of WMCMS. Attackers can use this vulnerability to obtain server administrative privileges...
Command Execution Vulnerability in CAJViewer of China Academic Journals (CD-ROM Version) Electronic Magazine Company Limited (CNVD-2020-61898)
caj reader CAJViewer is a specialized browser for reading and editing literature in the CNKI series of databases. A command execution vulnerability exists in CAJViewer of China Academic Journals CD-ROM Version Electronic Magazine Company Limited, which can be exploited by an attacker to obtain...
Memory corruption vulnerability exists in WPS Office International Edition of Zhuhai Kingsoft Office Software Co. Ltd (CNVD-2020-41840)
Kingsoft WPS is Kingsoft Office Software office software, you can realize the office software commonly used text, forms, presentations and other functions. Zhuhai Kingsoft Office Software Co., Ltd. WPS Office international version of the existence of memory corruption vulnerability, attackers can...
Memory Corruption Vulnerability in WPS Office International Edition of Zhuhai Kingsoft Office Software Co. Ltd (CNVD-2020-41836)
Kingsoft WPS is Kingsoft Office Software office software, you can realize the office software commonly used text, forms, presentations and other functions. Zhuhai Kingsoft Office Software Co., Ltd. WPS Office international version of the existence of memory corruption vulnerability, attackers can...
Advantech WebAccessNode Code Execution Vulnerability in Advantech Technology (China) Co.
Advantech China Co., Ltd. is a global manufacturer in the intelligent system industry. A code execution vulnerability exists in Advantech WebAccessNode of Advantech Technology China Co. Ltd. that can be exploited by an attacker to gain server administrator privileges...
HuCart suffers from a file upload vulnerability (CNVD-2020-25572)
HuCart is a PHP+Mysql based enterprise building system that can run on various server platforms such as Linux and Windows. HuCart has a file upload vulnerability, which can be exploited by attackers to upload malicious files and obtain server administrative privileges...
File upload vulnerability in the background ap***_co***.php file of PHPOK enterprise website building system
PHPOK is a set of enterprise station CMS system developed in PHP + MYSQL language. A file upload vulnerability exists in the apco.php file in the background of the PHPOK enterprise website system. Remote attackers can use this vulnerability to obtain server administrative privileges...
Arbitrary file deletion
Hipchat Server before 2.2.3 allows remote authenticated users with Server Administrator level privileges to execute arbitrary code by importing a file...