漏洞描述
宇视科技Uniview ISC 2500-S网络硬盘录像机存在远程命令注入漏洞,此漏洞是程序对用户输入VM.php的数据缺乏校验导致的。
宇视科技ISC 2500-S VM.php CVE-2024-0778 远程命令注入漏洞
PoC代码
暂无相关漏洞推荐
- phpMyFAQ /api/setup/backup 信息泄露漏洞(CVE-2025-69200)
- PHP 安全漏洞
- POC CVE-2019-10647: ZZZCMS ZZZPHP 1.6.3 – Remote PHP Code Execution (RCE)
- POC CVE-2023-38875: PHP Login System 2.0.1 - Cross-Site Scripting
- POC functions-php-disclosure: functions.php Full Path Disclosure
- TVT 数码科技 NVMS-1000 / 文件读取漏洞
- POC CVE-2025-44136: MapTiler Tileserver-php v2.0 - Unauthenticated XSS
- POC CVE-2025-44137: MapTiler Tileserver-php v2.0 - Unauthenticated File Read
- POC generic-php-files: Generic PHP Backup Information Disclosure
- 智联云仓VMS 存在SQL注入漏洞
- PHPGurukul Employee Record Management System 代码注入漏洞
- (CVE-2025-41252) VMware NSX未认证的用户名枚举漏洞
- (CVE-2025-41246) VMware Tools for Windows授权不当漏洞