An issue was discovered in Picture_Manage_mvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to upload files via a modified authority parameter.
CPE | Name | Operator | Version |
---|---|---|---|
sunveillance_monitoring_system_\\&_data_recorder | eq | < 1.1.9e |