207 matches found
EUVD-2022-39278
Malicious code in bioql PyPI...
CVE-2022-36572
Sinsiu Sinsiu Enterprise Website System v1.1.1.0 was discovered to contain a remote code execution RCE vulnerability via the component /upload/admin.php?/deal/...
CVE-2023-39115
install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document...
CVE-2023-39115
install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document...
CVE-2023-39115
install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document...
CVE-2023-39115
CVE-2023-39115 affects Campcodes Online Matrimonial Website System Script 3.3. the vulnerability is an arbitrary file upload via a crafted SVG, enabling code execution (SVG contains script and external navigation). Root cause: insufficient validation of uploaded SVG files. Affected component: ins...
CVE-2023-1418
A vulnerability classified as problematic was found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file cashconfirm.php of the component POST Parameter Handler. The manipulation of the argument...
EARCLINK ESPCMS 安全漏洞
Honghu Erchuang Netlink Information Technology EARCLINK ESPCMS is an enterprise website building system from Honghu Erchuang Netlink Information Technology, China. A security vulnerability exists in EARCLINK ESPCMS version P8.21120101, which originated from the discovery of a remote code executio...
Remote code execution
Sinsiu Sinsiu Enterprise Website System v1.1.1.0 was discovered to contain a remote code execution RCE vulnerability via the component /upload/admin.php?/deal/...
CVE-2022-36572
Sinsiu Sinsiu Enterprise Website System v1.1.1.0 is affected by CVE-2022-36572, a remote code execution (RCE) vulnerability exploitable via the component /upload/admin.php?/deal/. The PT-2022-23479 advisory confirms an RCE impact and notes there is no available patch/version with a fix, recommend...
PT-2022-23479 · Sinsiu · Sinsiu Enterprise Website System
Name of the Vulnerable Software and Affected Versions: Sinsiu Sinsiu Enterprise Website System version 1.1.1.0 Description: The issue is related to a remote code execution RCE vulnerability. It can be exploited via the component /upload/admin.php?/deal/. Recommendations: For Sinsiu Sinsiu...
EARCLINK ESPCMS SQL注入漏洞
Honghu Erchuang Netlink Information Technology EARCLINK ESPCMS is an enterprise website building system from China's Honghu Erchuang Netlink Information Technology Company. A SQL injection vulnerability exists in the espcmsweb/Search.php component of EARCLINK ESPCMS-P8, which can be exploited by...
File Upload Vulnerability in OKLite
OKLite is an enterprise website system, the main target group is the display enterprise website users, so that the traditional small business quickly deploy the website. A file upload vulnerability exists in OKLite, which can be exploited by attackers to upload a webshell and gain server privileg...
HuCart suffers from SQL injection vulnerability (CNVD-2021-54042)
HuCart is an open source enterprise building system. HuCart has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...
XSS vulnerability in Jinan Speed Information Technology Co.
Jinan Speed Information Technology Co., Ltd. was founded in 2010, is a network technology company focusing on user experience design and development and Internet branding. There is an XSS vulnerability in Jinan Speed Information Technology Co., Ltd.'s website building system, which can be exploit...
SQL Injection Vulnerability in Guangzhou Baiwei Network Technology Co.
Guangzhou Baiwei Network Technology Co., Ltd. is committed to focusing on website construction, small program, APP, WeChat development and so on. Guangzhou Baiwei Network Technology Co., Ltd. website construction system SQL injection vulnerability, attackers can use the vulnerability to obtain...
SQL Injection Vulnerability in Shenzhen Zhengye Jiu Kun Information Technology Co.
Shenzhen Zhengye Jiu Kun Information Technology Co., Ltd. is a national high-tech enterprise engaged in intelligent manufacturing overall program planning and design, integrated application and industrial Internet platform development. Ltd. building system there is a SQL injection vulnerability,...
SQL Injection Vulnerability in Website Building System of Wuhan Dongxin Tongbang Information Technology Co.
Wuhan Dongxin Tongbang Information Technology Co., Ltd ETAH is a high-tech enterprise with a number of highly independent core intellectual property rights. There is a SQL injection vulnerability in the website building system of Wuhan Dongxin Tongbang Information Technology Co. Attackers can...
SQL Injection Vulnerability in the Website Building System of Haikou ECCOM Sky Information Technology Company Limited (CNVD-2021-41234)
hereinafter referred to as "ECCOM Sky" is a collection of website construction, website planning, website optimization, search engine optimization and a variety of office software development, program development in one of the high-speed and healthy development of network information technology...
SQL Injection Vulnerability in Website Building System of Shanghai Enterprise Torch Advertising Media Co.
Ltd. is committed to providing all kinds of enterprises and institutions with network domain name registration, web hosting rental, website construction and maintenance, website promotion and publicity, website revision and translation, enterprise post office, network payment, system integration,...