162 matches found
EUVD-2024-32264
Malicious code in bioql PyPI...
SQL Injection Vulnerability in DSS Digital Surveillance System of Zhejiang Dahua Technology Co.
DSS Digital Surveillance System is a security video surveillance system with real-time monitoring, PTZ operation, video playback, alarm processing, device management and other functions. DSS Digital Surveillance System of Zhejiang Dahua Technology Co., Ltd. suffers from SQL injection vulnerabilit...
CVE-2024-3689
A vulnerability classified as problematic has been found in Zhejiang Land Zongheng Network Technology O2OA up to 20240403. Affected is an unknown function of the file /xportalassemblesurface/jaxrs/portal/list?v=8.2.3-4-43f4fe3. The manipulation leads to information disclosure. It is possible to...
CVE-2024-46088
An arbitrary file upload vulnerability in the ProductAction.entphone interface of Zhejiang University Entersoft Customer Resource Management System v2002 to v2024 allows attackers to execute arbitrary code via uploading a crafted file...
SQL Injection Vulnerability in DSS of Zhejiang Dahua Technology Co.
Zhejiang Dahua Technology Co., Ltd. is the world's leading video-centered intelligent IOT solution provider and operation service provider. A SQL injection vulnerability exists in the DSS of Zhejiang Dahua Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information fro...
SQL Injection Vulnerability in the Video Management Platform of Zhejiang YUV Technology Co.
uniview, a global provider of AIoT products, solutions and full-stack capabilities. A SQL injection vulnerability exists in the video management platform of Zhejiang Uniview Technology Co. Ltd, which can be exploited by an attacker to obtain sensitive information from the database...
Command Execution Vulnerability in Intelligent IOT Integrated Management Platform of Zhejiang Dahua Technology Co.
Zhejiang Dahua Technology Co., Ltd. is the world's leading video-centered intelligent IOT solution provider and operation service provider. A command execution vulnerability exists in the Intelligent IOT Integrated Management Platform of Zhejiang Dahua Technology Co. Ltd, which can be exploited b...
Information Leakage Vulnerability in DSS System of Zhejiang Dahua Technology Co.
Zhejiang Dahua Technology Co., Ltd. is the world's leading video-centered intelligent IOT solution provider and operation service provider. An information leakage vulnerability exists in the DSS system of Zhejiang Dahua Technology Co. Ltd, which can be exploited by attackers to obtain sensitive...
SQL Injection Vulnerability in Intelligent Park Integrated Management Platform of Zhejiang Dahua Technology Co.
Zhejiang Dahua Technology Co., Ltd. is the world's leading video-centered intelligent IOT solution provider and operation service provider. A SQL injection vulnerability exists in the Smart Park Integrated Management Platform of Zhejiang Dahua Technology Co. Ltd, which can be exploited by attacke...
Command Execution Vulnerability in Intelligent Park Integrated Management Platform of Zhejiang Dahua Technology Co.
Zhejiang Dahua Co., Ltd. is a leading supplier of surveillance products and solution service provider for the world to provide leading video storage, front-end, display control and intelligent transportation and other series of products, and provide to provide thermal imaging temperature...
CVE-2024-46088
An arbitrary file upload vulnerability in the ProductAction.entphone interface of Zhejiang University Entersoft Customer Resource Management System v2002 to v2024 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-46088
An arbitrary file upload vulnerability in the ProductAction.entphone interface of Zhejiang University Entersoft Customer Resource Management System v2002 to v2024 allows attackers to execute arbitrary code via uploading a crafted file...
Zhejiang University Entersoft Customer Resource Management System 安全漏洞
Zhejiang University Entersoft Customer Resource Management System is a customer resource management system developed by the Zhejiang University team in China. A security vulnerability exists in the Zhejiang University Entersoft Customer Resource Management System due to an arbitrary file upload...
CVE-2024-46088
An arbitrary file upload vulnerability in the ProductAction.entphone interface of Zhejiang University Entersoft Customer Resource Management System v2002 to v2024 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-46088
CVE-2024-46088 affects Zhejiang University Entersoft Customer Resource Management System (v2002–v2024) via the ProductAction.entphone interface. The vulnerability is an arbitrary file upload that allows remote code execution. Root cause: improper file upload handling. Impact: potential full compr...
PT-2024-31907 · Zhejiang University · Zhejiang University Entersoft Customer Resource Management System
Name of the Vulnerable Software and Affected Versions: Zhejiang University Entersoft Customer Resource Management System versions v2002 through v2024 Description: An arbitrary file upload vulnerability in the ProductAction.entphone interface allows attackers to execute arbitrary code via uploadin...
SQL Injection Vulnerability in Digital Surveillance System of Zhejiang Dahua Technology Co. Ltd (CNVD-2024-42251)
Zhejiang Dahua Technology Co., Ltd. is a leading supplier and solution provider of surveillance products. A SQL injection vulnerability exists in Digital Surveillance System of Zhejiang Dahua Technology Co. Ltd, which can be exploited by an attacker to obtain sensitive information from the databa...
SQL Injection Vulnerability in Intelligent Park Integrated Management System of Zhejiang Dahua Technology Co.(CNVD-2024-41305)
Zhejiang Dahua Technology Co., Ltd. is the world's leading video-centered intelligent IOT solution provider and operation service provider. A SQL injection vulnerability exists in the integrated management system of the Smart Park of Zhejiang Dahua Technology Co. Ltd, which can be exploited by...
Arbitrary File Download Vulnerability in Camera Service of Zhejiang Dahua Technology Co.
Zhejiang Dahua Technology Co., Ltd. is a leading supplier and solution provider of surveillance products. An arbitrary file download vulnerability exists in the camera service of Zhejiang Dahua Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information...
SQL Injection Vulnerability in Intelligent Cloud Gateway Registration Management Platform of Zhejiang Dahua Technology Co.(CNVD-2024-38747)
Zhejiang Dahua Technology Co., Ltd. is the world's leading video-centered intelligent IOT solution provider and operation service provider. A SQL injection vulnerability exists in the Smart Cloud Gateway registration management platform of Zhejiang Dahua Technology Co. Ltd, which can be exploited...