17 matches found
Dahua Smart Park Management - Arbitrary File Upload
Dahua wisdom park integrated management platform is a comprehensive management platform, a park operations,resource allocation, and intelligence services,and other functions, including/emap/devicePointaddImgIco?. id: CVE-2023-3836 info: name: Dahua Smart Park Management - Arbitrary File Upload...
EUVD-2025-9566
Malicious code in bioql PyPI...
CVE-2025-10398 fcba_zzm ics-park Smart Park Management System FileUploadUtils.java unrestricted upload
A security flaw has been discovered in fcbazzm ics-park Smart Park Management System 2.0. This vulnerability affects unknown code of the file FileUploadUtils.java. The manipulation of the argument File results in unrestricted upload. The attack can be launched remotely. The exploit has been...
CVE-2025-10394 fcba_zzm ics-park Smart Park Management System Scheduled Task JobController.java code injection
A vulnerability has been found in fcbazzm ics-park Smart Park Management System 2.0. Affected is an unknown function of the file ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/JobController.java of the component Scheduled Task Module. Such manipulation leads to code injection. The attack...
CVE-2025-10394
Vulnerability: fcba_zzm ics-park Smart Park Management System 2.0, in the Scheduled Task Module. Affected file: ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/JobController.java, within the Scheduled Task Module. Root cause: an unknown function in that file allows manipulation leading to ...
PT-2025-37405
Name of the Vulnerable Software and Affected Versions: fcba zzm ics-park Smart Park Management System version 2.0 Description: A code injection vulnerability exists in the Scheduled Task Module of the fcba zzm ics-park Smart Park Management System. The issue is located in an unknown function with...
PT-2025-37409
Name of the Vulnerable Software and Affected Versions: fcba zzm ics-park Smart Park Management System version 2.0 Description: A security flaw has been discovered that allows for unrestricted file upload. The vulnerability affects unknown code within the FileUploadUtils.java file. The manipulatio...
CVE-2023-3836
A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePointaddImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated...
CVE-2025-3135
A vulnerability classified as critical was found in fcbazzm ics-park Smart Park Management System 2.1. This vulnerability affects unknown code of the file /api/system/dept/update. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2025-3135
A vulnerability classified as critical was found in fcbazzm ics-park Smart Park Management System 2.1. This vulnerability affects unknown code of the file /api/system/dept/update. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2025-3135 fcba_zzm ics-park Smart Park Management System update sql injection
A vulnerability classified as critical was found in fcbazzm ics-park Smart Park Management System 2.1. This vulnerability affects unknown code of the file /api/system/dept/update. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2025-3135 fcba_zzm ics-park Smart Park Management System update sql injection
A vulnerability classified as critical was found in fcbazzm ics-park Smart Park Management System 2.1. This vulnerability affects unknown code of the file /api/system/dept/update. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2025-3135
CVE-2025-3135 affects fcba_zzm ICT-park Smart Park Management System (version 2.1). The vulnerability is in the unknown code path of /api/system/dept/update and leads to SQL injection. It can be exploited remotely and has documented public exploit exposure. Public sources consistently describe a ...
PT-2025-14570 · Unknown · Fcba Zzm Ics-Park Smart Park Management System
Name of the Vulnerable Software and Affected Versions: fcba zzm ics-park Smart Park Management System version 2.1 Description: A critical vulnerability was found in the fcba zzm ics-park Smart Park Management System. This issue affects unknown code of the file "/api/system/dept/update" and leads ...
CVE-2023-3836
A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePointaddImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated...
Out-of-bounds
A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePointaddImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated...
CVE-2023-3836
CVE-2023-3836 affects Dahua Smart Park Management prior to 20230713. Multiple connected sources confirm an unrestricted/unauthorized file upload vulnerability in the endpoint /emap/devicePoint_addImgIco?hasSubsystem=true, enabling remote file upload and potentially remote code execution or full s...