16 matches found
CVE-2022-50893
VIAVIWEB Wallpaper Admin 1.0 contains an unauthenticated remote code execution vulnerability in the image upload functionality. Attackers can upload a malicious PHP file through the addgalleryimage.php endpoint to execute arbitrary code on the server...
CVE-2022-50894
VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the imgid parameter. Attackers can send GET requests to editgalleryimage.php with malicious imgid values to extract database...
CVE-2022-50892
VIAVIWEB Wallpaper Admin 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating login credentials. Attackers can exploit the login page by injecting 'admin' or 1=1-- - payload to gain unauthorized access to the administrative interface...
CVE-2022-50894 VIAVIWEB Wallpaper Admin 1.0 SQL Injection via edit_gallery_image.php
VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the imgid parameter. Attackers can send GET requests to editgalleryimage.php with malicious imgid values to extract database...
CVE-2022-50893 VIAVIWEB Wallpaper Admin 1.0 - Code Execution via Image Upload
VIAVIWEB Wallpaper Admin 1.0 contains an unauthenticated remote code execution vulnerability in the image upload functionality. Attackers can upload a malicious PHP file through the addgalleryimage.php endpoint to execute arbitrary code on the server...
CVE-2022-50893
VIAVIWEB Wallpaper Admin 1.0 is affected by an unauthenticated remote code execution via image upload. The flaw resides in the image upload endpoint (add_gallery_image.php) where an attacker can upload a malicious PHP file to execute arbitrary code on the server. Affected product is VIAVIWEB Wall...
CVE-2022-50893 VIAVIWEB Wallpaper Admin 1.0 - Code Execution via Image Upload
VIAVIWEB Wallpaper Admin 1.0 contains an unauthenticated remote code execution vulnerability in the image upload functionality. Attackers can upload a malicious PHP file through the addgalleryimage.php endpoint to execute arbitrary code on the server...
CVE-2022-50892 VIAVIWEB Wallpaper Admin 1.0 - SQL Injection via Login Page
VIAVIWEB Wallpaper Admin 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating login credentials. Attackers can exploit the login page by injecting 'admin' or 1=1-- - payload to gain unauthorized access to the administrative interface...
VIAVIWEB Wallpaper Admin SQL注入漏洞
VIAVIWEB Wallpaper Admin is a mobile application backend management system from VIAVIWEB India. A SQL injection vulnerability exists in VIAVIWEB Wallpaper Admin version 1.0, which stems from a SQL injection vulnerability in the imgid parameter that could lead to the extraction of database...
VIAVIWEB Wallpaper Admin 代码问题漏洞
VIAVIWEB Wallpaper Admin is a mobile application backend management system from VIAVIWEB India. A code issue vulnerability exists in VIAVIWEB Wallpaper Admin version 1.0, which stems from an unauthenticated remote code execution vulnerability in the image upload functionality that could lead to t...
PT-2026-2369
Name of the Vulnerable Software and Affected Versions VIAVIWEB Wallpaper Admin version 1.0 Description The software contains an unauthenticated remote code execution issue in the image upload functionality. An attacker can upload a malicious PHP file through the add gallery image.php API endpoint...
PT-2026-2368
Name of the Vulnerable Software and Affected Versions VIAVIWEB Wallpaper Admin version 1.0 Description The software contains a SQL injection issue that allows attackers to bypass authentication. Attackers can manipulate login credentials, specifically by injecting a payload such as 'admin' or 1=1...
VIAVIWEB Wallpaper Admin SQL注入漏洞
VIAVIWEB Wallpaper Admin is a mobile application backend management system from VIAVIWEB India. A SQL injection vulnerability exists in VIAVIWEB Wallpaper Admin version 1.0, which stems from a SQL injection vulnerability in the login credentials that could lead to bypassing authentication...
VIAVIWEB Wallpaper Admin 1.0 - Multiple Vulnerabilities
Exploit Title: VIAVIWEB Wallpaper Admin 1.0 - Multiple Vulnerabilities Google Dork: intext:"Wallpaper Admin" "LOGIN" "password" "Username" Exploit Author: Edd13Mora Vendor Homepage: www.viaviweb.com Version: N/A Tested on: Windows 11 - Kali Linux ------------------ SQLI on the Login page...
VIAVIWEB Wallpaper Admin 1.0 - Multiple Vulnerabilities
Exploit Title: VIAVIWEB Wallpaper Admin 1.0 - Multiple Vulnerabilities Google Dork: intext:"Wallpaper Admin" "LOGIN" "password" "Username" Date: 18/09/2022 Exploit Author: Edd13Mora Vendor Homepage: www.viaviweb.com Version: N/A Tested on: Windows 11 - Kali Linux ------------------ SQLI on the...
VIAVIWEB Wallpaper Admin SQL Injection / Shell Upload Vulnerabilities
Exploit Title: VIAVIWEB Wallpaper Admin - Multiple vulnrabilities Google Dork: intext:"Wallpaper Admin" "LOGIN" "password" "Username" Exploit Author: Edd13Mora Vendor Homepage: www.viaviweb.com Version: N/A Tested on: Windows 11 - Kali Linux ------------------ SQLI on the Login page...