The wechat_return function in /controller/Index.php of EyouCms V1.5.4-UTF8-SP3 passes the user’s input directly into the simplexml_ load_ String function, which itself does not prohibit external…

DWSurvey v3.2.0 was discovered to contain an arbitrary file write vulnerability via the component /utils/ToHtmlServlet.java. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

DWSurvey v3.2.0 was discovered to contain a remote command execution (RCE) vulnerability via the component /sysuser/SysPropertyAction.java. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

The PluginsUpload function in application/service/PluginsAdminService.php of ShopXO v1.9.0 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via uploading a crafted…

An arbitrary file upload vulnerability in the upload payment plugin of ShopXO v1.9.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.…

Beijing Wisdom Vision Technology Industry Co., Ltd One Card Integrated Management System 3.0 is vulnerable to SQL Injection. Zafiyet ile ilgili Genel Bilgi, Etki ve…