Wangjingping

2 exploits Active since Feb 2023
CVE-2023-0782 WRITEUP HIGH WRITEUP
Tenda AC23 16.03.07.45 - Out-of-bounds Write in formSetSysToolDDNS/formGetSysToolDDNS
A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function formSetSysToolDDNS/formGetSysToolDDNS of the file /bin/httpd. The manipulation leads to out-of-bounds write. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-220640.
CVSS 7.2
CVE-2023-0783 WRITEUP MEDIUM WRITEUP
EcShop 4.1.5 - Unrestricted File Upload in PHP File Handler
A vulnerability was found in EcShop 4.1.5. It has been classified as critical. This affects an unknown part of the file /ecshop/admin/template.php of the component PHP File Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-220641 was assigned to this vulnerability.
CVSS 4.7