Lucene search
+L

17 matches found

Nuclei
Nuclei
added 2 days ago160 views

Dahua Smart Park Management - Arbitrary File Upload

Dahua wisdom park integrated management platform is a comprehensive management platform, a park operations,resource allocation, and intelligence services,and other functions, including/emap/devicePointaddImgIco?. id: CVE-2023-3836 info: name: Dahua Smart Park Management - Arbitrary File Upload...

9.8CVSS6.7AI score0.73525EPSS
Exploits2References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2025-9566

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00398EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/09/14 12:2 p.m.4 views

CVE-2025-10398 fcba_zzm ics-park Smart Park Management System FileUploadUtils.java unrestricted upload

A security flaw has been discovered in fcbazzm ics-park Smart Park Management System 2.0. This vulnerability affects unknown code of the file FileUploadUtils.java. The manipulation of the argument File results in unrestricted upload. The attack can be launched remotely. The exploit has been...

6.5CVSS6.4AI score0.00302EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/09/14 6:32 a.m.3 views

CVE-2025-10394 fcba_zzm ics-park Smart Park Management System Scheduled Task JobController.java code injection

A vulnerability has been found in fcbazzm ics-park Smart Park Management System 2.0. Affected is an unknown function of the file ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/JobController.java of the component Scheduled Task Module. Such manipulation leads to code injection. The attack...

5.8CVSS6.5AI score0.00397EPSS
Exploits1References4
CVE
CVE
added 2025/09/14 6:32 a.m.15 views

CVE-2025-10394

Vulnerability: fcba_zzm ics-park Smart Park Management System 2.0, in the Scheduled Task Module. Affected file: ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/JobController.java, within the Scheduled Task Module. Root cause: an unknown function in that file allows manipulation leading to ...

7.2CVSS5AI score0.00397EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/14 12:0 a.m.9 views

PT-2025-37405

Name of the Vulnerable Software and Affected Versions: fcba zzm ics-park Smart Park Management System version 2.0 Description: A code injection vulnerability exists in the Scheduled Task Module of the fcba zzm ics-park Smart Park Management System. The issue is located in an unknown function with...

5.8CVSS4.9AI score0.00397EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/09/14 12:0 a.m.6 views

PT-2025-37409

Name of the Vulnerable Software and Affected Versions: fcba zzm ics-park Smart Park Management System version 2.0 Description: A security flaw has been discovered that allows for unrestricted file upload. The vulnerability affects unknown code within the FileUploadUtils.java file. The manipulatio...

6.5CVSS6.3AI score0.00302EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/05/23 4:7 a.m.15 views

CVE-2023-3836

A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePointaddImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated...

9.8CVSS6.9AI score0.73525EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/04/05 2:46 a.m.27 views

CVE-2025-3135

A vulnerability classified as critical was found in fcbazzm ics-park Smart Park Management System 2.1. This vulnerability affects unknown code of the file /api/system/dept/update. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

6.5CVSS7.9AI score0.00398EPSS
Exploits0References1
NVD
NVD
added 2025/04/03 2:15 a.m.22 views

CVE-2025-3135

A vulnerability classified as critical was found in fcbazzm ics-park Smart Park Management System 2.1. This vulnerability affects unknown code of the file /api/system/dept/update. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

9.8CVSS0.00398EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/04/03 1:31 a.m.12 views

CVE-2025-3135 fcba_zzm ics-park Smart Park Management System update sql injection

A vulnerability classified as critical was found in fcbazzm ics-park Smart Park Management System 2.1. This vulnerability affects unknown code of the file /api/system/dept/update. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

6.5CVSS7.8AI score0.00398EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/04/03 1:31 a.m.39 views

CVE-2025-3135 fcba_zzm ics-park Smart Park Management System update sql injection

A vulnerability classified as critical was found in fcbazzm ics-park Smart Park Management System 2.1. This vulnerability affects unknown code of the file /api/system/dept/update. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

6.5CVSS0.00398EPSS
Exploits0References4
CVE
CVE
added 2025/04/03 1:31 a.m.88 views

CVE-2025-3135

CVE-2025-3135 affects fcba_zzm ICT-park Smart Park Management System (version 2.1). The vulnerability is in the unknown code path of /api/system/dept/update and leads to SQL injection. It can be exploited remotely and has documented public exploit exposure. Public sources consistently describe a ...

9.8CVSS7.8AI score0.00398EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/03 12:0 a.m.10 views

PT-2025-14570 · Unknown · Fcba Zzm Ics-Park Smart Park Management System

Name of the Vulnerable Software and Affected Versions: fcba zzm ics-park Smart Park Management System version 2.1 Description: A critical vulnerability was found in the fcba zzm ics-park Smart Park Management System. This issue affects unknown code of the file "/api/system/dept/update" and leads ...

6.5CVSS6.8AI score0.00398EPSS
Exploits0References10
NVD
NVD
added 2023/07/22 6:15 p.m.21 views

CVE-2023-3836

A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePointaddImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated...

9.8CVSS8.2AI score0.73525EPSS
Exploits2References3
Prion
Prion
added 2023/07/22 6:15 p.m.32 views

Out-of-bounds

A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePointaddImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated...

6.5CVSS9.6AI score0.73525EPSS
Exploits2References3Affected Software1
CVE
CVE
added 2023/07/22 6:0 p.m.95 views

CVE-2023-3836

CVE-2023-3836 affects Dahua Smart Park Management prior to 20230713. Multiple connected sources confirm an unrestricted/unauthorized file upload vulnerability in the endpoint /emap/devicePoint_addImgIco?hasSubsystem=true, enabling remote file upload and potentially remote code execution or full s...

9.8CVSS8.1AI score0.73525EPSS
In wildExploits2References3Affected Software1
Rows per page
Query Builder