Arbitrary File Upload Vulnerability in SignName Parameter of Tibco Call Center System

The core of Tibco's call center system is a communication-based system for internal and external corporate communication. An arbitrary file upload vulnerability exists in the signName parameter of the Tibus Communication Call Center System. 1 File upload: /sysmaint/import/import.php, save...

File upload vulnerability in the file /userweb/php/index/daPing.class.php of the Tibus Communications call center system

The core of Tibco's call center system is a communication-based system for internal and external corporate communication. A file upload vulnerability exists in the file /userweb/php/index/daPing.class.php in the Tibco Call Center System. The vulnerability allows an attacker to upload a webshell a...

File upload vulnerability in the file /justsetting/justsetting3.php of the Tidetime Communications call center system

The core of Tibco's call center system is a communication-based system for internal and external corporate communication. A file upload vulnerability exists in the file /justsetting/justsetting3.php in the Tidetime Communications Call Center System. The vulnerability can be exploited to upload a...

Tunnel TCP connections over HTTP: Tunna

Tunnel TCP connections over HTTP Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. In a fully firewalled inbound and outbound connections restricted – except the webserver port. The...

Thinksns open source microblogging system has a file upload vulnerability

Thinksns is an open source microblogging system. Thinksns is an open source microblogging system file upload vulnerability, through the local construction of the upload form, can be uploaded webshell, to obtain control of the server...

Enterprise Intelligence Series Internet Behavior Management Appliances Exposed to Arbitrary File Upload Vulnerability

The Enterprise Intelligence series of Internet behavior management devices are dedicated to preventing the malicious spread of illegal information. An arbitrary file upload vulnerability exists in the EIZO series of Internet behavior management devices. An attacker can use the vulnerability to...

PHPCMS V9 version of the background design flaws lead to arbitrary code execution vulnerability

Source link: http://www.cnbraid.com/ 0x01 background Since the default after installation requires Super administrator privileges, so the vulnerability is very tasteless, but the feeling should be in other cms, there are also, so the main share under the mining idea PS: using the test environment...

ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials SYSTEM Remote Code Execution

ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials SYSTEM Remote Code Execution ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote SYSTEM Code Execution Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version:...

SQL Injection Vulnerability in Remote Rapid Application Access Solution System mxcheckuserMachine.php Page Parameter a of UFIDA Information Technology Ltd.

UFIDA UPC Information Technology Co., Ltd. remote rapid application access solution is to use U8 remote access can be realized instantly access to the company's application systems and enterprise information and simplify the deployment and management of complex computing environment. The product...

ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials SYSTEM Remote Code Execution

ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote SYSTEM Code Execution Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version: 3.0.1.0R230 Platform: 3.0.1.0R230 Personnel: 1.0.1.0R1916 Access: 6.0.1.0R1757...

Beijing Oriental Wenhui Website Group Content Management System Has Design Flaws and Vulnerabilities

Oriental Wenhui Super Website Group Content Management System is a set of platform system specialized in website development and management for government agencies, enterprises and public institutions. The product has a design flaw vulnerability, there is a design flaw in the copy function of the...

Arbitrary File Write Vulnerability on Server Side of NJ MAGAPP Products

MAGAPP is a forum mobile client management system developed for local urban communities, including iOS, Android cell phone, PC management system, independent Discuz and multi-platform sharing components, able to dock the urban community website database and run independently on the local...

PaKnPost Pro 1.14 - Multiple Vulnerabilities

Exploit Title: PaKnPost Pro Arbitrary File Upload & Remote Code Execution Date: 2016-07-06 Product: PaKnPost Pro Vendor Homepage: http://www.paknpost.org Software Link: https://sourceforge.net/projects/paknpost/ Version: =1.14 Tested on: Windows, Linux Exploit Authors: Edvin Rustemagic, Grega...

Riverbed SteelCentral NetProfiler NetExpress 10.8.7 - Multiple Vulnerabilities

Riverbed SteelCentral NetProfiler NetExpress 10.8.7 - Multiple Vulnerabilities , , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Riverbed SteelCentral NetProfiler & NetExpress Multiple Vulnerabilities...

Riverbed SteelCentral NetProfiler / NetExpress 10.8.7 XSS / Code Execution

, , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Riverbed SteelCentral NetProfiler & NetExpress Multiple Vulnerabilities Affected versions: SteelCentral NetProfiler = 10.8.7 & SteelCentral NetExpress...

Airia - Arbitrary File Upload

Airia - Arbitrary File Upload Exploit Title: Airia - Webshell Upload Vulnerability Date: 2016-06-20 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ytyng.com Software Link: https://github.com/ytyng/airia/archive/master.zip Version: Latest commit Tested on: Debia...

Airia - Arbitrary File Upload

Exploit for php platform in category web applications Exploit Title: Airia - Webshell Upload Vulnerability Date: 2016-06-20 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ytyng.com Software Link: https://github.com/ytyng/airia/archive/master.zip Version: Latest...

Airia Shell Upload

Exploit Title: Airia - Webshell Upload Vulnerability Date: 2016-06-20 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ytyng.com Software Link: https://github.com/ytyng/airia/archive/master.zip Version: Latest commit Tested on: Debian wheezy require "net/http"...

Airia - Arbitrary File Upload

Exploit Title: Airia - Webshell Upload Vulnerability Date: 2016-06-20 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ytyng.com Software Link: https://github.com/ytyng/airia/archive/master.zip Version: Latest commit Tested on: Debian wheezy require "net/http"...

Remote Command Execution Vulnerability in the Video Equipment System of Clearstream Xun (Beijing) Technology Co.

StreamOcean, Inc. is the world's leading high-technology company dedicated to delivering high-definition interactive video over the Internet, with its fully independent intellectual property rights in the StreamOcean Video Delivery Network SOVDN, which provides the infrastructure for full video...