61 matches found
CVE-2023-3802 Chengdu Flash Flood Disaster Monitoring and Warning System Ajaxfileupload.ashx unrestricted upload
A vulnerability was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Controller/Ajaxfileupload.ashx. The manipulation of the argument file leads to unrestricted upload. The...
CVE-2023-3802
CVE-2023-3802 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The issue resides in the file /Controller/Ajaxfileupload.ashx, where manipulating the file argument enables unrestricted file uploads. Public disclosure of the exploit is noted. Remediation details are not expli...
Chengdu Flash Flood Disaster Monitoring and Warning System 代码问题漏洞
Chengdu Flash Flood Disaster Monitoring and Warning System is a flash flood disaster monitoring and warning system in Chengdu. A vulnerability exists in Chengdu Flash Flood Disaster Monitoring and Warning System version 2.0 due to a code issue with insufficient random values...
CVE-2023-3798 Chengdu Flash Flood Disaster Monitoring and Warning System upload.aspx unrestricted upload
A vulnerability has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0 and classified as critical. This vulnerability affects unknown code of the file /AppResource/UEditor/server/upload.aspx. The manipulation of the argument file leads to unrestricted upload. The exploit...
CVE-2023-3798
CVE-2023-3798 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The vulnerability is in the file path "/App_Resource/UEditor/server/upload.aspx" where manipulation of the file parameter enables unrestricted file upload. Exploitation status is disclosed publicly in the source...
CVE-2023-3797
CVE-2023-3797 affects Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712. The vulnerability is in /Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx, where manipulating the Filedata parameter enables unrestricted file upload. Ex...
Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System 代码问题漏洞
Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System is a Mountain Flood Disaster Prevention Monitoring and Early Warning System from Suncreate. A code issue vulnerability exists in Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System...
Out-of-bounds
A vulnerability classified as critical was found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. This vulnerability affects unknown code of the file /Duty/AjaxHandle/Write/UploadFile.ashx of the component Duty Write-UploadFile. The manipulation ...
CVE-2023-3626 Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System UpLoadFloodPlanFile UpLoadFloodPlanFile.ashx unrestricted upload
A vulnerability, which was classified as critical, has been found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. This issue affects some unknown processing of the file /Duty/AjaxHandle/UpLoadFloodPlanFile.ashx of the component...
CVE-2023-3626
CVE-2023-3626 affects Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. The issue resides in the UpLoadFloodPlanFile.ashx handler (UpLoadFloodPlanFile component) where manipulation of the Filedata argument allows unrestricted file upload. Exploitatio...
CVE-2023-3625
Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System (up to 20230706) has a vulnerability in the Duty Write-UploadFile component: the /Duty/AjaxHandle/Write/UploadFile.ashx endpoint processes Filedata and allows unrestricted upload. This can be exploited remotely and i...
CVE-2023-3623
A vulnerability was found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230704. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Duty/AjaxHandle/UploadHandler.ashx of the component Duty Module. The...
CVE-2023-3623 Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System Duty Module UploadHandler.ashx unrestricted upload
A vulnerability was found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230704. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Duty/AjaxHandle/UploadHandler.ashx of the component Duty Module. The...
CVE-2023-3623 Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System Duty Module UploadHandler.ashx unrestricted upload
A vulnerability was found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230704. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Duty/AjaxHandle/UploadHandler.ashx of the component Duty Module. The...
CVE-2023-3623
CVE-2023-3623 affects Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System (versions up to 20230704). The vulnerability is in the Duty Module, specifically the file path /Duty/AjaxHandle/UploadHandler.ashx, where manipulating the Filedata argument enables unrestricted ...
Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 代码问题漏洞
Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System is a flash flood prevention monitoring and early warning system from Suncreate. A code issue vulnerability exists in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 20230706 and earli...
Emergency Alert System Flaws Could Let Attackers Transmit Fake Messages
The U.S. Department of Homeland Security DHS has warned of critical security vulnerabilities in Emergency Alert System EAS encoder/decoder devices. If left unpatched, the issues could allow an adversary to issue fraudulent emergency alerts over TV, radio, and cable networks. The August 1 advisory...
File Upload Vulnerability in Flash Flood Monitoring and Early Warning System of Siltronic Ltd.
Siltronic is a technology-based enterprise dedicated to the cause of disaster prevention and mitigation in China. A file upload vulnerability exists in the Flash Flood Monitoring and Early Warning System of Sicron Technology Co. Ltd, which can be exploited by attackers to gain control of the serv...
Detect Exploitation Attempts With Qualys XDR (Beta)
The recently announced Log4JShell / CVE-2021-44228 exploit is the latest reminder of why it’s so important to maintain an enterprise-wide view of your security posture. The heart of the exploit centers around misuse of the JNDI lookup function built into log4j. Impact: There are multiple proofs o...
SQL Injection Vulnerability in Flash Flood Monitoring and Early Warning System of Fujian SiChuang Software Co.
Fujian SiChuang Software Co., Ltd. is a technology-based enterprise dedicated to the cause of disaster prevention and mitigation in China. It specializes in providing disaster prevention and mitigation emergency command system solutions for the government, disaster prevention and mitigation...