2123 matches found
File Upload Vulnerability in WaveRock DAYS Disaster Recovery Software
ASRock DAYS disaster recovery software belongs to DAYS series of optional products, which integrates disaster recovery, fault tolerance, backup and query functions, and provides one-stack infrastructure, the same disaster recovery management, elasticity, multi-layer data protection, smooth...
Command Execution Vulnerability in LzCMS Content Management System Backend
LzCMS is a simple blog system made by ThinkPHP+layui. A command execution vulnerability exists in the backend of LzCMS content management system. Attackers can use this vulnerability to upload Trojan horse files and obtain webshell...
Code execution vulnerability in Ocean CMS (CNVD-2020-68572)
Ocean CMS, also known as SEACMS, is completely open source and free of charge, adaptive to computers, cell phones, tablets, APP multi-terminal, no encryption, more secure, is a station-building tool. Ocean CMS there is a code execution vulnerability, attackers can use the vulnerability submitted...
File Upload Vulnerability in Gas Call Distribution System of Shenzhen Puyan Computer Software Technology Co.
Shenzhen Puyan Computer Software Technology Co., Ltd. is a service provider specializing in providing information technology and intelligent products for gas enterprises. A file upload vulnerability exists in the gas call distribution system of Shenzhen Puyan Computer Software Technology Co. An...
Arbitrary File Upload Vulnerability in PowerCreator CMS
PowerCreator, founded in 2003, is an international enterprise providing software development and product manufacturing for the global audio/video industry. An arbitrary file upload vulnerability exists in PowerCreator CMS. An attacker can exploit this vulnerability to upload a webshell and gain...
File Upload Vulnerability in Website Building System of Wuhan Jinglun Technology Development Co.
Wuhan Jinglun Technology Development Co., Ltd. is a company that mainly deals with software development, system integration, digital media marketing and other projects. A file upload vulnerability exists in the website building system of Wuhan Jinglun Technology Development Co. An attacker can us...
File Upload Vulnerability in BladeKeeper Website Building System V1.0
Knife building system is specifically for software developers and software affiliates of the software publishing platform for self-service website building system. A file upload vulnerability exists in KnifeBuilder V1.0, which allows an attacker to upload a webshell to a server by uploading...
Wordpress EZ-done File Manager Remote File Upload Vulnerability
WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. A remote file upload vulnerability exists in Wordpress EZ-done File Manager. An attacker ca...
WordPress plugin Simple File List arbitrary file upload vulnerability
WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. An arbitrary file upload vulnerability exists in the WordPress plugin Simple File List. An...
PDW File Browser 1.3 Shell Upload
Exploit Title: PDW File Browser 1.3 - Remote Code Execution Date: 24-10-2020 Exploit Author: David Bimmel Researchers: David Bimmel, Joost Vondeling, Ramòn Janssen Vendor Homepage: n/a Software Link: https://github.com/GuidoNeele/PDW-File-Browser Version: … ? Once you have uploaded your webshell...
PDW File Browser 1.3 - Remote Code Execution
Exploit Title: PDW File Browser 1.3 - Remote Code Execution Date: 24-10-2020 Exploit Author: David Bimmel Researchers: David Bimmel, Joost Vondeling, Ramòn Janssen Vendor Homepage: n/a Software Link: https://github.com/GuidoNeele/PDW-File-Browser Version: … ? Once you have uploaded your webshell...
Webshell-Analyzer - Web Shell Scanner And Analyzer
Web shell analyzer is a cross platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files that are suspected to be web shells. The web shell analyzer is the bigger brother to the web shell scanner project http://github.com/tstillz/webshell-scan, which only...
File Upload Vulnerability in Kaixin Helpdesk System
The Kairos Helpdesk System is a system for dealing with day-to-day issues. A file upload vulnerability exists in the Qixing Helpdesk System. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...
File Upload Vulnerability in G4Studio
G4Studio is a set of free open source JavaEE-based rapid development platform . A file upload vulnerability exists in G4Studio. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...
WordPress Plugin HS Brand Logo Slider 'logoupload' File Upload Vulnerability
WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. A file upload vulnerability exists in the WordPress plugin HS Brand Logo Slider 'logoupload...
File upload vulnerability in ShopXO Pa***.php file
ShopXO is an open source enterprise-level open source e-commerce system. A file upload vulnerability exists in the ShopXO Pa.php file. An attacker can exploit the vulnerability to upload webshell and gain server privileges...
File upload vulnerability in ShopXO Pl***.php file
ShopXO is an open source enterprise-level open source e-commerce system. A file upload vulnerability exists in the ShopXO Pl.php file. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...
Jeecg-Boot suffers from an arbitrary file upload vulnerability
Jeecg-Boot is a code generator based rapid development platform , using front-end and back-end separation architecture : SpringBoot 2.x, Ant Design & Vue, Mybatis-plus, Shiro, JWT. Jeecg-Boot has an arbitrary file upload vulnerability. An attacker can exploit the vulnerability to upload webshell...
GOautodial 4.0 Shell Upload
Exploit Title: GOautodial 4.0 - Authenticated Shell Upload Author: Balzabu Discovery Date: 07-23-2020 Vendor Homepage: https://goautodial.org/ Software Link: https://goautodial.org/GOautodial-4-x8664-Final-20191010-0150.iso.html Tested Version: 4.0 Last relase as of today Tested on OS: CentOS 7...
GOautodial 4.0 - Authenticated Shell Upload
Exploit Title: GOautodial 4.0 - Authenticated Shell Upload Author: Balzabu Discovery Date: 07-23-2020 Vendor Homepage: https://goautodial.org/ Software Link: https://goautodial.org/GOautodial-4-x8664-Final-20191010-0150.iso.html Tested Version: 4.0 Last relase as of today Tested on OS: CentOS 7...