51 matches found
EUVD-2025-208329
An issue in Aranda Service Desk Web Edition ASDK API 8.6 allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. An authenticated user can upload a crafted web.config file by sending a crafted POST request to /ASDKAPI/api/v8.6/item/addfile,...
CVE-2025-70995
An issue in Aranda Service Desk Web Edition ASDK API 8.6 allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. An authenticated user can upload a crafted web.config file by sending a crafted POST request to /ASDKAPI/api/v8.6/item/addfile,...
CVE-2025-70995
An issue in Aranda Service Desk Web Edition ASDK API 8.6 allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. An authenticated user can upload a crafted web.config file by sending a crafted POST request to /ASDKAPI/api/v8.6/item/addfile,...
Aranda Service Desk Web Edition 安全漏洞
Aranda Service Desk Web Edition is a process management support system developed by the American company Aranda. There is a security vulnerability in Aranda Service Desk Web Edition, which stems from improper validation of uploaded files, potentially allowing remote code execution...
EUVD-2019-7529
Malware in sbrugna...
CVE-2023-25260
Stimulsoft Designer Web 2023.1.3 is vulnerable to Local File Inclusion...
Nanjing Xindi EcoGod Windows Network Web Edition suffers from an out-of-bounds access vulnerability
Nanjing New Dixon Software Technology Co., Ltd. is a high-tech enterprise specializing in the research, development and sales of industrial control general configuration and embedded software. Nanjing Xindishen Windows Network Web Edition has an out-of-bounds access vulnerability that can be...
Nanjing Xindi EcoGod Windows Network Web Edition suffers from information leakage vulnerability
Nanjing New Dixon Software Technology Co., Ltd. is a high-tech enterprise specializing in the research, development and sales of industrial control general configuration and embedded software. Nanjing Xindishen Windows Network Web Edition has an information leakage vulnerability that can be...
Buffer Overflow Vulnerability in Nanjing Xindi Ecoshen Windows Network Web Edition (CNVD-2020-62383)
Nanjing New Dixon Software Technology Co., Ltd. is a high-tech enterprise specializing in the research, development and sales of industrial control general configuration and embedded software. Nanjing Xindishen Windows Network Web Edition suffers from a buffer overflow vulnerability, which can be...
Footy Tipping Software AFL Web Edition Code Issue Vulnerability
Footy Tipping Software AFL Web Edition is a web-based soccer competition software program. A code issue vulnerability exists in Footy Tipping Software AFL Web Edition version 2019, which can be exploited by an attacker to bypass whitelisting, upload arbitrary files and execute code by uploading a...
CVE-2019-17057
Footy Tipping Software AFL Web Edition 2019 allows XSS...
CVE-2019-17057
Footy Tipping Software AFL Web Edition 2019 allows XSS...
Cross site scripting
Footy Tipping Software AFL Web Edition 2019 allows XSS...
CVE-2019-17058
Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file...
CVE-2019-17058
Footy Tipping Software AFL Web Edition 2019 contains a vulnerability where an Administrator can bypass a whitelist and upload a crafted upload.dat file, enabling arbitrary file upload and remote code execution. The issue affects the web edition of the Footy Tipping Software AFL 2019; exploitation...
CVE-2019-17057
Footy Tipping Software AFL Web Edition 2019 is affected by a Cross‑Site Scripting (XSS) vulnerability. Multiple sources (CNVD-2019-42565, NVD CVE-2019-17057) describe a web edition vulnerability in 2019 that enables attacker‑supplied input to trigger client‑side code execution. CNVD explicitly st...
CVE-2019-17057
Footy Tipping Software AFL Web Edition 2019 allows XSS...
KLA11285 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities in Windows kernel ca...
Arbitrary File Upload Vulnerability in the Web Version of FastCloud Little Helper
FastCloud Little Helper Web Edition is a free management panel system. Through the web form to manage the system, website and database program, to achieve a key to build a website, FTP, database and management of the server on the website, FTP, database, the system environment mysql, php, ftp,...
Arbitrary File Read Vulnerability in the Web Version of Fast Cloud Assistant
FastCloud Little Helper Web Edition is a free management panel system. Through the web form to manage the system, website and database program, to achieve a key to build a website, FTP, database and management of the server on the website, FTP, database, the system environment mysql, php, ftp,...