33 matches found
EUVD-2020-11207
Malware in sbrugna...
EUVD-2020-11206
Malware in sbrugna...
CVE-2024-38971
vaeThink 1.0.2 is vulnerable to stored Cross Site Scripting XSS in the system backend...
CVE-2024-38970
vaeThink 1.0.2 is vulnerable to Information Disclosure via the system backend,access management administrator function...
CVE-2020-19301
A vulnerability in the vaeadminrule database table of vaeThink v1.0.1 allows attackers to execute arbitrary code via a crafted payload in the condition parameter...
CVE-2020-19302
An arbitrary file upload vulnerability in the avatar upload function of vaeThink v1.0.1 allows attackers to open a webshell via changing uploaded file suffixes to ".php"...
CVE-2024-38970
vaeThink 1.0.2 is vulnerable to Information Disclosure via the system backend,access management administrator function...
CVE-2024-38971
vaeThink 1.0.2 is vulnerable to stored Cross Site Scripting XSS in the system backend...
PT-2024-28298 · Vaethink · Vaethink
Name of the Vulnerable Software and Affected Versions: vaeThink version 1.0.2 Description: The issue is related to stored Cross Site Scripting XSS in the system backend. This means that an attacker can inject malicious scripts into the system, which can then be executed by other users, potentiall...
vaeThink Security Vulnerabilities
vaeThink is a software application. Based on ThinkPHP5 and Layui, while keeping the core concept of rapid development and simplicity, vaeThink provides basic development and encapsulation of functions necessary for general projects, helping users to quickly complete the basic functions when...
CVE-2024-38970
vaeThink 1.0.2 is vulnerable to Information Disclosure via the system backend,access management administrator function...
CVE-2024-38970
The CVE-2024-38970 entries describe a vulnerability in vaeThink 1.0.2 where information disclosure can occur through the system backend, specifically via the access management administrator function. Available sources consistently identify the affected software (vaeThink 1.0.2) and the impact as ...
CVE-2024-38971
CVE-2024-38971 affects vaeThink 1.0.2 and is a stored XSS vulnerability in the system backend. Multiple sources (Red Hat, NVD, OSV, CNNVD, CVE lists) confirm the issue; exploitation details are not provided in the documents. Some connected sources (PT-Security) advise temporarily disabling the ba...
CVE-2024-38971
vaeThink 1.0.2 is vulnerable to stored Cross Site Scripting XSS in the system backend...
CVE-2024-38971
vaeThink 1.0.2 is vulnerable to stored Cross Site Scripting XSS in the system backend...
vaeThink Security Vulnerabilities
vaeThink is a software application. Based on ThinkPHP5 and Layui development, while keeping the core concepts of rapid development and the road to simplicity unchanged, it provides basic development and encapsulation of the functions necessary for general projects, helping users to quickly comple...
CVE-2020-19302
An arbitrary file upload vulnerability in the avatar upload function of vaeThink v1.0.1 allows attackers to open a webshell via changing uploaded file suffixes to ".php"...
CVE-2020-19302
An arbitrary file upload vulnerability in the avatar upload function of vaeThink v1.0.1 allows attackers to open a webshell via changing uploaded file suffixes to ".php"...
CVE-2020-19301
A vulnerability in the vaeadminrule database table of vaeThink v1.0.1 allows attackers to execute arbitrary code via a crafted payload in the condition parameter...
CVE-2020-19301
A vulnerability in the vaeadminrule database table of vaeThink v1.0.1 allows attackers to execute arbitrary code via a crafted payload in the condition parameter...