EUVD-2017-3265

Malware in sbrugna...

EUVD-2021-30363

Malicious code in bioql PyPI...

SUSE CVE-2016-4802

Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse 1 security.dll, 2 secur32.dll, or 3 ws232.dll in the application or current...

CVE-2021-43430

An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via imwebserver, which could let a malicious user upload PHP Trojan files...

Improper access control

An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via imwebserver, which could let a malicious user upload PHP Trojan files...

CVE-2021-43430

An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via imwebserver, which could let a malicious user upload PHP Trojan files...

CVE-2021-43430

The CVE-2021-43430 vulnerability affects BigAntSoft BigAnt office messenger 5.6 via the im_webserver, described as an access-control flaw that could let a malicious user upload PHP Trojan files. The connected sources confirm the product and the attack vector (networks via im_webserver) and state ...

File upload vulnerability in Speedcat ERP backend management system

Ltd. is an e-commerce management product specially developed for cross border e-commerce platforms such as Selling, Amazon and Ebay. There is a file upload vulnerability in the Quickcat ERP backend management system, which can be exploited by attackers to control the server by uploading Trojan...

Microsoft Windows PowerShell Command Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-POWERSHELL-UNSANITIZED-FILENAME-COMMAND-EXECUTION.txt + ISR: Apparition Security Vendor www.microsoft.com Product Windows PowerShell Windows PowerShell is a...

Arbitrary File Upload Vulnerability in Metadata Platform (MetaCube) of Puyuan Information Technology Co.

Metadata Platform MetaCube of Puyuan Information Technology Co., Ltd. is a tool support for enterprises to establish metadata management system. An arbitrary file upload vulnerability exists in the MetaCube platform of Puyuan Information Technology Co. An attacker can exploit the vulnerability to...

File Upload Vulnerability in YXCMS V1.4.7 Backend

YXCMS is an efficient website management system built on PHP+MYSQL. A file upload vulnerability exists in the background of YXCMS V1.4.7. An attacker can exploit this vulnerability to upload Trojan horse files to gain control of the web server...

File Upload Vulnerability in HaoCMS Web Management System

HaoCMS is a website management system of Frontier Cloud Technology Beijing Co. HaoCMS website management system has a file upload vulnerability that can be exploited by an attacker to create a files directory and upload Trojan horse files to further gain control of the website server...

NiuShop open source mall system V1.22 file upload vulnerability

NiuShop open source mall system is by Shanxi Niu Cool Information Technology Co., Ltd. completely independent design, research and development of a set of PHP open source e-commerce system . NiuShop open source mall system V1.22 file upload vulnerability , attackers can upload Trojan horse files ...

CVE-2017-11653

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse 1 RazerConfigNative.dll or 2 RazerConfigNativeLOC.dll file...

The vulnerabilities of PDF viewer programs such as Adobe Reader, Adobe Reader Document Cloud, and PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat allow attackers to enhance their privileges.

The vulnerabilities of PDF viewer programs such as Adobe Reader, Adobe Reader Document Cloud, and PDF editing programs like Adobe Acrobat Document Cloud are related to the use of an insecure search path. Exploiting these vulnerabilities can allow a malicious actor, operating locally, to increase...

UBUNTU-CVE-2014-3248

Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan...

SECURITY.NNOV: Windows 2000 system partition weak default permissions

Title: Windows 2000 system partition weak default permissions Affected: Windows 2000 Vendor: Microsoft Author: ZARAZA [email protected] Date: August, 03 2002 Risk: Average Exploitable: Yes Remote: No Vendor notified: few months ago SECURITY.NNOV URL: http://www.security.nnov.ru Advanced inf...