Lucene search
K

66 matches found

Vulnrichment
Vulnrichment
added 2025/03/04 6:31 p.m.6 views

CVE-2025-1946 hzmanyun Education and Training System exportPDF command injection

A vulnerability was found in hzmanyun Education and Training System 2.1. It has been rated as critical. Affected by this issue is the function exportPDF of the file /user/exportPDF. The manipulation of the argument id leads to command injection. The attack may be launched remotely. The exploit ha...

6.5CVSS7.1AI score0.04801EPSS
Exploits1References4
NVD
NVD
added 2025/02/25 11:15 a.m.14 views

CVE-2025-1676

A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. Affected by this vulnerability is the function pdf2swf of the file /pdf2swf. The manipulation of the argument file leads to os command injection. The attack can be launched remotely. The exploit has...

9.8CVSS0.02479EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/02/25 11:0 a.m.3 views

CVE-2025-1676 hzmanyun Education and Training System pdf2swf os command injection

A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. Affected by this vulnerability is the function pdf2swf of the file /pdf2swf. The manipulation of the argument file leads to os command injection. The attack can be launched remotely. The exploit has...

6.5CVSS6.9AI score0.02479EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/25 11:0 a.m.12 views

CVE-2025-1676 hzmanyun Education and Training System pdf2swf os command injection

A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. Affected by this vulnerability is the function pdf2swf of the file /pdf2swf. The manipulation of the argument file leads to os command injection. The attack can be launched remotely. The exploit has...

6.5CVSS0.02479EPSS
Exploits0References4
CVE
CVE
added 2025/02/21 9:0 p.m.63 views

CVE-2025-1555

The CVE-2025-1555 entry affects the product hzmanyun Education and Training System 3.1.1 , specifically the vulnerable function saveImage . The issue arises from manipulating the argument file , leading to an unrestricted upload vulnerability. The impact is described as remote post-exploitation c...

9.8CVSS7.2AI score0.0065EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/02/21 9:0 p.m.14 views

CVE-2025-1555 hzmanyun Education and Training System saveImage unrestricted upload

A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. This vulnerability affects the function saveImage. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the publ...

7.5CVSS0.0065EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/21 12:0 a.m.6 views

Education and Training System 代码问题漏洞

Education and Training System is an education and training system by the individual developer hzmanyun. A code issue exists in Education and Training System version 3.1.1, which stems from a lack of restrictions in the upload process, resulting in arbitrary file uploads...

7.5CVSS7.7AI score0.0065EPSS
Exploits0References5
CNVD
CNVD
added 2025/02/05 12:0 a.m.9 views

Nanjing Guanbao Technology Development Co., Ltd. safety education and training information system has information leakage vulnerability

Nanjing Tube Bao Technology Development Co., Ltd. is a high-tech enterprise focusing on computer hardware and software research and development, sales, service and system integration. There is an information leakage vulnerability in the security education and training information system of Nanjin...

6.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/12/19 4:1 a.m.12 views

CVE-2024-11984 SUNNET Corporate Training Management System - Unrestricted Upload of File with Dangerous Type

A unrestricted upload of file with dangerous type vulnerability in epaper draft function in Corporate Training Management System before 10.13 allows remote authenticated users to bypass file upload restrictions and perform arbitrary system commands with SYSTEM privilege via a crafted ZIP file...

9.4CVSS7AI score0.00726EPSS
Exploits0References1
CNVD
CNVD
added 2021/02/10 12:0 a.m.3 views

XML Entity Injection Vulnerability in Training and Exam System of Beijing Yunfan Internet Technology Co.

Beijing Yunfan Internet Technology Co., Ltd. business scope includes: technology development, technology promotion, technology transfer, technology consulting, technical services and so on. Beijing Yunfan Internet Technology Co., Ltd. training and examination system exists XML entity injection...

7.2AI score
Exploits0
CNVD
CNVD
added 2019/08/30 12:0 a.m.1 views

Unauthorized Access Vulnerability in the Frontend of Smartstone Online Training and Learning System of Shijiazhuang Lingstone Technology Co.

Smartstone Online Training and Learning System is an online learning platform that integrates both passive training and active learning modes and supports multi-level authorization management. There is an unauthorized access vulnerability in the frontend of Smartstone Online Training and Learning...

6.7AI score
Exploits0
Hacker One
Hacker One
added 2019/08/13 7:48 p.m.23 views

U.S. Dept Of Defense: Online training material disclosing username and password

Summary: A training document is revealing username and password details for what appears to be a DoD training system Description: Using the google dork site:.mil ext:ppt intext:password, I was able to find a number of powerpoint documents on .mil websites that include username and passwords. This...

0.4AI score
Exploits0
CNVD
CNVD
added 2018/11/07 12:0 a.m.3 views

File Upload Vulnerability in the Frontend of Online Training System of Beijing Xinqi Technology Co.

Beijing Xinqi Technology Co., Ltd. is a technical service enterprise specializing in the research and development of training management software. A file upload vulnerability exists in the frontend of the online training system of Beijing Xinqi Technology Co., Ltd. that can be exploited by an...

7.2AI score
Exploits0
CNVD
CNVD
added 2018/10/22 12:0 a.m.3 views

Beijing Xinqi Technology Co., Ltd. online training system has an override access vulnerability in the frontend

Beijing Xinqi Technology Co., Ltd. is a technical service enterprise specializing in the research and development of training management software. A vulnerability exists in the frontend of the online training system of Beijing Xinqi Technology Co. An attacker can exploit the vulnerability to log ...

6.8AI score
Exploits0
CNVD
CNVD
added 2018/10/22 12:0 a.m.4 views

SQL Injection Vulnerability in the Frontend of Online Training System of Beijing Xinqi Technology Co.

Beijing Xinqi Technology Co., Ltd. is a technical service enterprise specializing in the research and development of training management software. A SQL injection vulnerability exists in the frontend of the online training system of Beijing Xinqi Technology Co. An attacker can exploit the...

7.6AI score
Exploits0
CNVD
CNVD
added 2018/10/22 12:0 a.m.2 views

Stored Cross-site Scripting Vulnerability in the Frontend of Online Training System of Beijing Xinqi Technology Co.

Beijing Xinqi Technology Co., Ltd. is a technical service enterprise specializing in the research and development of training management software. A stored cross-site scripting vulnerability exists in the frontend of the online training system of Beijing Xinqi Technology Co. An attacker can inser...

6.3AI score
Exploits0
CNVD
CNVD
added 2018/10/22 12:0 a.m.3 views

Arbitrary File Upload Vulnerability in the Frontend of Online Training System of Beijing Xinqi Technology Co.

Beijing Xinqi Technology Co., Ltd. is a technical service enterprise specializing in the research and development of training management software. An arbitrary file upload vulnerability exists in the frontend of the online training system of Beijing Xinqi Technology Co. The vulnerability allows a...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2016/06/21 12:0 a.m.11 views

Days Bo online training system /Web_Org/Class_Info. aspx file couseid parameter SQL injection vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/06/10 12:0 a.m.15 views

Days Bo online training system network school Edition Course_Class_List_Default. aspx the parameter cid SQL injection vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/06/10 12:0 a.m.15 views

Days Bo online training system St_Son_Index. aspx, etc. 6 SQL injection vulnerability

No description provided by source...

7.1AI score
Exploits0
Rows per page
Query Builder