Lucene search
K

35 matches found

Nuclei
Nuclei
added 2026/02/04 7:0 a.m.9 views

WeiPHP 5.0 - Path Traversal

WeiPHP 5.0 contains a path traversal caused by insufficient input validation of the picUrl parameter in /public/index.php/material/Material/downloadimgage, letting unauthenticated remote attackers read arbitrary files. id: CVE-2025-34045 info: name: WeiPHP 5.0 - Path Traversal author: pikpikcu...

8.7CVSS6.9AI score0.04311EPSS
Exploits1References2
CVE
CVE
added 2025/09/08 12:0 a.m.16 views

CVE-2025-55849

CVE-2025-55849 involves WeiPHP v5.0 and earlier, where a SQL injection is reported in SucaiController.class.php and the cancelTemplatee function. The CVSS 3.1 base metrics indicate a HIGH impact with local attack vector, no privileges or user interaction required, and full confidentiality/integri...

8.4CVSS7.5AI score0.00184EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.6 views

bigint-buffer 安全漏洞

bigint-buffer is a buffer utility program by the individual developer Michael Wei. A security vulnerability exists in bigint-buffer that stems from a buffer overflow in the toBigIntLE function, which could cause the application to crash...

8.7CVSS6.8AI score0.00565EPSS
Exploits0References3
NVD
NVD
added 2024/10/21 8:15 p.m.25 views

CVE-2022-48970

In the Linux kernel, the following vulnerability has been resolved: afunix: Get userns from inskb in unixdiaggetexact. Wei Chen reported a NULL deref in skuserns 01, and Paolo diagnosed the root cause: in unixdiaggetexact, the newly allocated skb does not have sk. 2 We must get the userns from th...

5.5CVSS0.00245EPSS
Exploits0References5
CVE
CVE
added 2024/10/21 8:5 p.m.107 views

CVE-2022-48970

CVE-2022-48970 : In the Linux kernel, a NULL pointer dereference in af_unix handling can occur when unix_diag_get_exact() processes a netlink message because a newly allocated skb may not have skb->sk. The root cause is that unix_diag_get_exact() must obtain the user namespace from the NETLINK...

5.5CVSS4.8AI score0.00245EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/10/21 8:5 p.m.15 views

CVE-2022-48970 af_unix: Get user_ns from in_skb in unix_diag_get_exact().

In the Linux kernel, the following vulnerability has been resolved: afunix: Get userns from inskb in unixdiaggetexact. Wei Chen reported a NULL deref in skuserns 01, and Paolo diagnosed the root cause: in unixdiaggetexact, the newly allocated skb does not have sk. 2 We must get the userns from th...

5.5CVSS5.6AI score0.00245EPSS
Exploits0References8
MSRC
MSRC
added 2024/07/24 7:0 a.m.19 views

Congratulations to the Top MSRC 2024 Q2 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2024 Q2 Security Researcher Leaderboard are Yuki Chen,...

7.2AI score
Exploits0
MSRC
MSRC
added 2024/01/30 8:0 a.m.27 views

Congratulations to the Top MSRC 2023 Q4 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2023 Q4 Security Researcher Leaderboard are Yuki Chen,...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/12/16 12:18 a.m.3 views

wei-chih.com Improper Access Control vulnerability OBB-3815624

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Kitploit
Kitploit
added 2022/07/02 9:30 p.m.41 views

DeepTraffic - Deep Learning Models For Network Traffic Classification

For more information please read our papers.  Wei Wang's Google Scholar Homepage Wei Wang, Xuewen Zeng, Xiaozhou Ye, Yiqiang Sheng and Ming Zhu,"Malware Traffic Classification Using Convolutional Neural Networks for Representation Learning," in the 31st International Conference on Information...

6.9AI score
Exploits0References2
Code423n4
Code423n4
added 2021/09/16 12:0 a.m.9 views

_harvest and _swap

Handle tensors Vulnerability details Impact The minimum amount out on the implemented harvest and swap methods means that attackers can manipulate the price with flashloans/frontrun before calling harvest to actually force the output to be small, pocketing the difference for themselves when they...

6.8AI score
Exploits0
Cvelist
Cvelist
added 2021/05/07 9:30 a.m.25 views

CVE-2021-30172 Jun-He Technology Ltd. Quan-Fang-Wei-Tong-Xun system - Reflected XSS

Special characters of picture preview page in the Quan-Fang-Wei-Tong-Xun system are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out Reflected XSS Cross-site scripting attacks, additionally access and manipulate customer’s...

4.6CVSS5.4AI score0.00586EPSS
Exploits0References1
CVE
CVE
added 2021/05/07 9:30 a.m.43 views

CVE-2021-30172

CVE-2021-30172 affects the Jun-He/Quan-Fang-Wei-Tong-Xun system: special characters on the image preview page input are not filtered, enabling a remote authenticated attacker to inject JavaScript via reflected XSS and access/manipulate customer information. Connected sources confirm the XSS vecto...

5.4CVSS4.7AI score0.00586EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2020/12/18 12:0 a.m.6 views

Weiphp SQL注入漏洞

weiphp is an open source, efficient and simple microsoft development platform. A SQL injection vulnerability exists in the wpwhere function in WeiPHP 5.0. No detailed vulnerability details are provided at this time...

9.8CVSS7.4AI score0.08752EPSS
Exploits1References2
CNVD
CNVD
added 2020/07/09 12:0 a.m.0 views

File inclusion vulnerability in WeiPHP Ad***.cl***.php file at Shenzhen Yuanmeng Cloud Technology Co.

WeiPHP is an open source WeChat public platform development framework, can easily build a personal WeChat public account operation platform. Shenzhen Yuanmeng Yun Technology Co., Ltd WeiPHP Ad.cl.php file file contains a file inclusion vulnerability, which can be exploited by an attacker to gain...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/03/31 12:0 a.m.1 views

WeiPHP has an XSS vulnerability

WeiPHP is an open source WeChat public platform development framework, can easily build a personal WeChat public account operation platform. WeiPHP has an XSS vulnerability. An attacker can exploit this vulnerability to execute malicious scripts and obtain administrator cookies...

6.6AI score
Exploits0
CNVD
CNVD
added 2019/01/04 12:0 a.m.3 views

WeiPHP 5.0beta frontend has an override access vulnerability

WeiPHP is an open source WeChat public platform development framework, can easily build a personal WeChat public account operation platform. WeiPHP5.0beta front-end has an override access vulnerability. The vulnerability stems from the user operation does not verify the identity, the attacker can...

6.9AI score
Exploits0
CNVD
CNVD
added 2018/07/12 12:0 a.m.2 views

Denial of Service Vulnerability in NSecKrnl32 Driver of Wei-Eye Computerized Supervisory System of Shandong Anzai Information Technology Co.

PowerEye Computer Supervision System is a professional company computer monitoring and LAN monitoring software. It monitors computer screens and also manages users' online behavior. The NSecKrnl32 driver of Shandong Anzai Information Technology Co., Ltd. has a denial of service vulnerability that...

6.7AI score
Exploits0
RubySec
RubySec
added 2018/01/29 12:0 a.m.33 views

Nokogiri gem, via libxml, is affected by DoS vulnerabilities

The version of libxml2 packaged with Nokogiri contains a vulnerability. Nokogiri has mitigated these issue by upgrading to libxml 2.9.5. Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause...

7.5CVSS3.3AI score0.05928EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/12/05 1:44 p.m.3 views

USN-3504-1 libxml2 vulnerability

Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service...

7.5CVSS6.8AI score0.05928EPSS
Exploits0References2
Rows per page
Query Builder