985 matches found
IBM Security Access Manager for Web Security Bypass Vulnerability
IBM Security Access Manager (ISAM) for Web, formerly known as IBM Tivoli Access Manager for e-business, is a suite of IBM products for user authentication, authorization, and Web single sign-on that provides user access management and Web application protection functions. A security bypass...
Arbitrary File Upload Vulnerability in 'ExamFileUp.ashx' File of MicroXia Online Learning Platform
Micro Xia Online Learning Platform is an online education system based on B/S architecture. An arbitrary file upload vulnerability exists in the 'ExamFileUp.ashx' file of MicroXia Online Learning Platform. It allows attackers to upload a webshell and gain server privileges...
The vulnerability of the Oracle MySQL database management system allows a hacker to trigger a service failure.
The vulnerability of the MySQL Server component of the Oracle MySQL database management system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to gain privileged access and cause the system to become unstable or crash using network packets...
XenServer Cannot Read the License From the License Server
XenServer cannot read the license from the license server...
ZYCHCMS V03 Arbitrary File Write Vulnerability in '/include/page.asp' File
ZYCHCMS is an enterprise website management system. The '/include/page.asp' file in ZYCHCMS V03 contains an arbitrary file write vulnerability. The vulnerability allows attackers to write scripts to arbitrary files to gain server privileges...
Arbitrary file upload vulnerability in the Uploading.ashx file of MicroXia e-learning platform
Micro Xia Online Learning Platform is an online education system based on B/S architecture. An arbitrary file upload vulnerability exists in the Uploading.ashx file of the Weixia Online Learning Platform. It allows attackers to exploit the vulnerability to upload a webshell and gain server...
Arbitrary file write vulnerability in the new template and SQL execution functions of the YXCMS backend
YXCMS is an enterprise building system based on PHP and MySQL technology. The new template and SQL execution functions in the YXCMS backend have an arbitrary file write vulnerability; attackers can exploit the vulnerability to write a webshell and get server privileges...
File Inclusion and Reflective Cross-Site Scripting Vulnerabilities in 74cms V4.1.24
74cms (Knight CMS) is a PHP-based open source professional talent system. The Windows server build of 74cms V4.1.24 has file inclusion and reflective cross-site scripting vulnerabilities. They allow attackers to include files from the server's directories; at the same time,...
Quickly using the S02-45 vulnerability to gain server access - vulnerability warning - the black bar safety net
1.1 CVE-2017-5638 vulnerability profile: Apache Struts 2 is the world's most popular Java web server framework. However, a high-risk security vulnerability, CVE-2017-5638 (S02-45), was found in Struts 2, and the vulnerability affects: Struts 2.3.5 - Struts 2.3.31, Struts 2.5 - Struts2...
Path traversal
An issue was discovered in Fidelix FX-20 series controllers, versions prior to 11.50.19. Arbitrary file reading via path traversal allows an attacker to access arbitrary files and directories on the server...
CVE-2016-9364
An issue was discovered in Fidelix FX-20 series controllers, versions prior to 11.50.19. Arbitrary file reading via path traversal allows an attacker to access arbitrary files and directories on the server...
Coppermine 1.5.42: Second-Order Command Execution
RIPS Analysis: The analysis with RIPS took only 53 seconds to complete and it uncovered a lot of security vulnerabilities - although most of them require authentication. Nonetheless, these issues are severe because they can be combined with other security vulnerabilities that allow an attacker to...
File upload vulnerability in the file /userweb/php/index/daPing.class.php of the Tibus Communications call center system
The core of Tibco's call center system is a communication-based system for internal and external corporate communication. A file upload vulnerability exists in the file /userweb/php/index/daPing.class.php in the Tibco Call Center System. The vulnerability allows an attacker to upload a webshell a...
Adult FriendFinder Vulnerability Leaves Millions Exposed, Report Claims
Adult website Adult FriendFinder may have been compromised by a hacker who said he has gained access to the site’s backend servers and posted allegedly compromised data to his Twitter feed. The breach has not been confirmed by the site’s parent company FriendFinder Networks, which says it is...
Arbitrary File Write Vulnerability in Eurohoo Government System of Shanghai Eurohoo Network Technology Co.
Shanghai Ohuhu Network Technology Co., Ltd. is a service-oriented enterprise integrating Internet software research and development, website operation, e-commerce and IT services. There is an arbitrary file write vulnerability in Shanghai Ohuhu Network Technology Co. The vulnerability allows an...
Insecure Redis Instances at Core of Attacks Against Linux Servers
A recent run of attacks against Linux servers called Fairware has been traced to insecure internet-facing Redis installations that hackers have abused to delete web folders and, in some cases, install malicious code. Redis is an open source tool used by web application developers for the purpose ...
SQL Injection Vulnerability in Remote Rapid Application Access Solution System mxcheckuserMachine.php Page Parameter a of UFIDA Information Technology Ltd.
The remote rapid application access solution from UFIDA UPC Information Technology Co., Ltd. uses U8 remote access to provide instant access to the company's application systems and enterprise information and to simplify the deployment and management of complex computing environments. The product...
Arbitrary File Upload Vulnerability in Jianwen Project Management System
Jianwen project management system is a cycle management system developed in .NET and applied to a variety of engineering projects. There is an arbitrary file upload vulnerability in the Jianwen Project Management System: File upload vulnerability address:...
Default Backdoor Vulnerability in S-CMS Website Builder System
S-CMS is a product developed by Zibo Shining Network Technology Co., Ltd. that provides website-building solutions for enterprises. There is a default backdoor vulnerability in the S-CMS website builder system. It allows attackers to directly obtain site or server permissions...
xDedic Hacked Servers Market May Be Larger Than Originally Thought
New data anonymously shared with Kaspersky Lab researchers may enlarge the scope of and provide additional context to the hacked RDP servers for sale on the now defunct xDedic marketplace. The underground marketplace was disclosed in a report published last Tuesday describing an eBay-style platfo...