Serious Exchange Flaw Still Plagues 350K Servers

Over 80 percent of exposed Exchange servers are still vulnerable to a severe vulnerability – nearly two months after the flaw was patched, and after researchers warned that multiple threat groups were exploiting it. The vulnerability in question CVE-2020-0688 exists in the control panel of...

File Upload Vulnerability in kitecms 5.1.38

KiteCMS open source web content management system CMS, the system is based on the framework ThinkPHP5.1. version of the development , suitable for individuals, enterprises to quickly build stations and development needs. kitecms 5.1.38 file upload vulnerability , attackers can use the vulnerabili...

WordPress Plugin Event-Registration Arbitrary File Upload Vulnerability

WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. An arbitrary file upload vulnerability exists in the WordPress plugin Event-Registration,...

Scanners-Box

This is a collection of open-source scanning tools, referred to as "Scanners Box" or "scanbox." The project is a repository of various tools for scanning and testing web applications, IoT devices, and other targets. The tools are primarily used for vulnerability scanning, penetration testing, and...

JunAms content management system suffers from a file upload vulnerability (CNVD-2020-24741)

JunAMS is an open source content management system with ThinkPHP as its framework. JunAMS content management system has a file upload vulnerability that can be exploited by an attacker to upload a webshell and gain server privileges...

JunAms content management system suffers from a file upload vulnerability (CNVD-2020-24740)

JunAMS is an open source content management system with ThinkPHP as its framework. JunAMS content management system has a file upload vulnerability that can be exploited by an attacker to upload a webshell and gain server privileges...

JunAms content management system suffers from a file upload vulnerability (CNVD-2020-24739)

JunAMS is an open source content management system with ThinkPHP as its framework. JunAMS content management system has a file upload vulnerability that can be exploited by an attacker to write a webshell and gain server privileges...

Hubei Tao code thousand dimensional information technology limited company gold micro cell phone mall system file upload vulnerability

Jinwei mobile mall system is suitable for micro-business customers with public number, imitating the page layout of the hand Tao, support embedded video playback. Support customized model specifications, the main specifications support attached pictures, each subdivided model support inventory...

D Shield of Shenzhen DiYuan Technology Co., Ltd. suffers from webshell bypass vulnerability (CNVD-2020-23537)

D ShieldFirewall is an active defense protection software designed for IIS. D-Shield has a webshell bypass vulnerability, which can be exploited by attackers to bypass detection and gain access to the control privileges of the target server...

Webshell bypass vulnerability in Web Security Dog (apache version V4.0) of Xiamen Service Cloud Information Technology Co.

Website Security Dog Apache Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features. Web Security Dog Apache Edition V4.0 has a webshell bypass vulnerability. Attackers can use the vulnerability to bypass th...

Webshell bypass vulnerability in Web Security Dog (apache version V4.0) of Xiamen Service Cloud Information Technology Co. Ltd (CNVD-2020-23541)

Website Security Dog Apache Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features. Web Security Dog Apache Edition V4.0 has a webshell bypass vulnerability. Attackers can use the vulnerability to bypass th...

SchoolCMS has a file upload vulnerability

SchoolCMS is a school teaching management system based on PHP+MySQL. SchoolCMS v2.3.1 suffers from an arbitrary file upload vulnerability. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...

File upload vulnerability in yiqicms lu***.php file

Yiqi CMS yiqicms is a content management system CMS for marketing-oriented enterprise websites. A file upload vulnerability exists in the yiqicms lu.php file. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...

File Upload Vulnerability in WMCMS

WMCMS is based on PHP + MYSQL as the core development, free + open source professional Chinese labeling system. WMCMS has a file upload vulnerability. An attacker can use the vulnerability to upload a webshell and gain server privileges...

Arbitrary file upload vulnerability in ideacms In***.php file

ideacms is a lightweight PHP+Mysql enterprise website construction system, with CI framework as the core, to create a website construction system suitable for enterprise official website, group official website and personal blog program. ideacms In.php file has an arbitrary file upload...

Microsoft Exchange Server Flaw Exploited in APT Attacks

Multiple threat groups are actively exploiting a vulnerability in Microsoft Exchange servers, researchers warn. If left unpatched, the flaw allows authenticated attackers to execute code remotely with system privileges. The vulnerability in question CVE-2020-0688 exists in the control panel of...

Webshell bypass vulnerability exists in D Shield (CNVD-2020-21033)

D-Shield is a proactive defense software designed specifically for IIS to prevent websites and servers from being compromised by internal and external protection. D-Shield suffers from a webshell bypass vulnerability, which can be exploited by attackers to bypass D-Shield and gain access to the...

Webshell Bypass Vulnerability in D-Shield_Firewall (CNVD-2020-22798)

D ShieldFirewall is a free IIS firewall software. DShieldFirewall suffers from a Webshell bypass vulnerability. An attacker can exploit this vulnerability to gain administrative privileges on a website...

Webshell Bypass Vulnerability in Web Security Dog Apache Edition (CNVD-2020-23226)

Website Security Dog APACHE Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection functions to fully protect website security. Webshell bypass vulnerability exists in Website Security Dog Apache Edition, which can ...

Webshell bypass vulnerability exists in D-Shield (CNVD-2020-22799)

D Shield is a proactive defense protection software designed specifically for IIS. D-Shield suffers from a Webshell bypass vulnerability that can be exploited by attackers to gain administrative privileges on a website...