2123 matches found
NewsOne CMS 代码问题漏洞
NewsOne CMS is a web-based news, magazine script. It is possible to develop your own media/news website. A security vulnerability exists in NewsOne CMS version 1.1.0, which originates from an arbitrary file upload vulnerability in the component of the software, which allows an attacker to use a...
Exploit for SQL Injection in Agentejo Cockpit
Cockpit CMS NoSQL Injection to Remote Code Execution : CVE-202...
CVE-2020-19302
An arbitrary file upload vulnerability in the avatar upload function of vaeThink v1.0.1 allows attackers to open a webshell via changing uploaded file suffixes to ".php"...
CVE-2020-19302
An arbitrary file upload vulnerability in the avatar upload function of vaeThink v1.0.1 allows attackers to open a webshell via changing uploaded file suffixes to ".php"...
Design/Logic Flaw
An arbitrary file upload vulnerability in the avatar upload function of vaeThink v1.0.1 allows attackers to open a webshell via changing uploaded file suffixes to ".php"...
CVE-2020-19302
An arbitrary file upload vulnerability in the avatar upload function of vaeThink v1.0.1 allows attackers to open a webshell via changing uploaded file suffixes to ".php"...
CVE-2020-19302
The CVE-2020-19302 issue affects vaeThink v1.0.1, where the avatar upload function accepts arbitrary file uploads. The root cause is that uploaded files can be misrepresented by changing the suffix to #".php"#, enabling an attacker to execute a webshell. Impact is high per the cited sources, with...
vaeThink 代码问题漏洞
vaeThink is a software application. Based on ThinkPHP5 and Layui development, in keeping the core concept of rapid development and the road to simplicity remains unchanged at the same time, the general project of the necessary functionality of the basic development and packaging, to help users in...
ObjectPlanet Opinio 7.13 Shell Upload
Exploit Authors: Timothy Tan , Daniel Tan, Yu EnHui, Khor Yong Heng CVE: CVE-2020-26806 Exploit Title: ObjectPlanet Opinio version 7.13 allows unrestricted file upload Vendor Homepage: https://www.objectplanet.com/opinio/ Software Link: https://www.objectplanet.com/opinio/ Exploit Authors: Timoth...
ObjectPlanet Opinio 7.13 Shell Upload Vulnerability
Exploit Authors: Timothy Tan , Daniel Tan, Yu EnHui, Khor Yong Heng CVE: CVE-2020-26806 Exploit Title: ObjectPlanet Opinio version 7.13 allows unrestricted file upload Vendor Homepage: https://www.objectplanet.com/opinio/ Software Link: https://www.objectplanet.com/opinio/ Exploit Authors: Timoth...
Hutchinson Next-Generation Cloud Desktop Has File Upload Vulnerability
Hutchison Next Generation Desktop is a desktop virtualization product based on NGD Next Generation Desktop architecture. Hutchinson Next Generation Desktop has a file upload vulnerability, which can be exploited by attackers to upload a webshell and gain server privileges...
File upload vulnerability in concrete friend mixing plant ERP management system
Hunan AOKE Network Technology Co., Ltd. is a concrete enterprise informatization solution provider. The concrete friend mixing station ERP management system has an arbitrary file upload vulnerability, which can be exploited by an attacker to upload a webshell and gain server privileges...
File Upload Vulnerability in Multimedia Information Distribution System of Shenzhen Inge Intelligent Technology Co.
Shenzhen Inge Intelligent Technology Co., Ltd, general business items are: research and development, sales and leasing of computer software and hardware; Internet and Internet of Things technology development, technology consulting, technical services and so on. Shenzhen Inge Intelligent Technolo...
File Upload Vulnerability in SEMCMS Shop
SEMCMS Shop is a self-developed open source online store btc system. A file upload vulnerability exists in SEMCMS Shop. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...
File Upload Vulnerability in Library Cluster Management System of Guangzhou Tutron Computer Software Development Co. Ltd (CNVD-2021-52386)
Ltd. is a high-tech enterprise integrating product research and development, application integration and customer service, with the main goal of providing high-quality application software system design, integration and maintenance services for users in the library industry. There is a file uploa...
Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution (Unauthenticated)
Exploit Title: Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution Unauthenticated Date: 2021-07-07 Exploit Author: faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
SQL Injection Vulnerability in RG-UAC Ruijie Unified Internet Behavior Management and Auditing System
Ruijie Unified Internet Behavior Management and Auditing System is an Internet behavior management and auditing product independently developed by Ruijie Networks. The RG-UAC Unified Internet Behavior Management and Audit System has a SQL injection vulnerability, which can be exploited by an...
Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution
Exploit Title: Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution Unauthenticated Exploit Author: faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
File Upload Vulnerability in Worms CMS Enterprise Content Management System
Worms CMS enterprise content management system using an object-oriented approach to the development of independent research and development of PHP framework, it is a content management system, the product is based on PHP + Mysql architecture, can run on Linux, Windows, MacOSX, Solaris and other...
File Upload Vulnerability in the Switch Centralized Management Platform of Shenzhen VMware Technology Co.
Ltd. is a network total solution and smart home solution provider. A file upload vulnerability exists in the switch centralized management platform of Shenzhen WML Technology Co. Ltd. that can be exploited by an attacker to upload a webshell and gain server privileges...