40 matches found
EUVD-2017-1563
Malware in sbrugna...
EUVD-2017-3201
Malware in sbrugna...
EUVD-2023-49170
Malicious code in bioql PyPI...
CVE-2023-44847
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin Weixin.php component...
CVE-2022-27336
Seacms v11.6 was discovered to contain a remote code execution RCE vulnerability via the component /admin/weixin.php...
CVE-2017-1000429
rui Li finecms 5.0.10 is vulnerable to a reflected XSS in the file Weixin.php...
CVE-2024-40518
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by adminweixin.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain...
CVE-2024-40518
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by adminweixin.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain...
CVE-2024-40519
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by adminsmtp.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain...
CVE-2024-40519
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by adminsmtp.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain...
CVE-2024-40518
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by adminweixin.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain...
CVE-2024-40518
Affected software/components: SeaCMS 12.9; vulnerable file: admin_weixin.php which writes user input directly into weixin.php without processing. Root cause / vulnerability type: Direct splicing/writing of unprocessed user input leading to remote code execution. Impact: Authenticated attackers ca...
CVE-2024-40519
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by adminsmtp.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain...
PT-2024-28895 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: The issue is caused by the admin smtp.php file directly splicing and writing user input data into weixin.php without processing it. This allows authenticated attackers to execute arbitrary commands and obtain...
CVE-2024-40518
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by adminweixin.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain...
CVE-2024-40519
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by adminsmtp.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain...
CVE-2024-40519
CVE-2024-40519 affects SeaCMS 12.9. The vulnerability arises from admin_smtp.php directly splicing and writing user input into weixin.php without processing, enabling remote code execution. An authenticated attacker could run arbitrary commands and gain system permissions. Documented severity in ...
CVE-2024-27565
A Server-Side Request Forgery SSRF in weixin.php of ChatGPT-wechat-personal commit a0857f6 allows attackers to force the application to make arbitrary requests...
Server side request forgery (ssrf)
A Server-Side Request Forgery SSRF in weixin.php of ChatGPT-wechat-personal commit a0857f6 allows attackers to force the application to make arbitrary requests...
CVE-2024-27565
A Server-Side Request Forgery SSRF in weixin.php of ChatGPT-wechat-personal commit a0857f6 allows attackers to force the application to make arbitrary requests...