14 matches found
CVE-2019-11367
An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic Authentication and provides the account and password in the WWW-Authenticate attribute. By using this account and password, anyone can login successfully...
CVE-2025-11367
creationtimestamp| type| source ---|---|--- 2025-11-12 20:01:34+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5hgvruz7az2 2025-11-12 20:39:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5hj3xk3v52x 2025-11-13 04:32:22+00:00| seen|...
CVE-2025-11367
The CVE-2025-11367 entry affects the N-central Software Probe (windows) prior to version 2025.4. The vulnerability relies on deserialization, allowing remote code execution with network access and no authentication. Impact is described as full compromise of affected systems (high confidentiality,...
CVE-2018-11367
An issue was discovered in CppCMS before 1.2.1. There is a denial of service in the JSON parser module...
CVE-2024-11367
The Smoove connector for Elementor forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to inject arbitrary...
CVE-2020-11367
...
CVE-2020-11367
CVE-2020-11367 is rejected/not used and does not represent an active vulnerability entry.
CVE-2019-11367
CVE-2019-11367 affects AUO Solar Data Recorder pre-1.3.0. The web portal uses HTTP Basic Authentication and leaks credentials via the WWW-Authenticate header, allowing login with exposed account/password without further authentication. Exploitable by accessing the /protect/ area; multiple public ...
AUO Solar Data Recorder 1.3.0 - Incorrect Access Control
AUO Solar Data Recorder 1.3.0 - Incorrect Access Control Exploit Title: AUO Solar Data Recorder - Incorrect Access Control Date: 2019-04-16 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO Solar Data Recorder all versions prior to v1.3.0 Tested on: It is a...
AUO Solar Data Recorder < 1.3.0 - Incorrect Access Control
Exploit for hardware platform in category web applications Exploit Title: AUO Solar Data Recorder - Incorrect Access Control Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO Solar Data Recorder all versions prior to v1.3.0 Tested on: It is a proprietary devices:...
AUO Solar Data Recorder < 1.3.0 - Incorrect Access Control
Exploit Title: AUO Solar Data Recorder - Incorrect Access Control Date: 2019-04-16 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO Solar Data Recorder all versions prior to v1.3.0 Tested on: It is a proprietary devices:...
CVE-2018-11367
CppCMS prior to 1.2.1 contains a denial-of-service vulnerability in the JSON parser module. Affected component: the JSON parser in CppCMS; affected versions are those before 1.2.1. The issue is documented across multiple sources (e.g., CVE-2018-11367). Practical impact is DoS via crafted JSON inp...
Internet Bug Bounty: CVE-2017-11367: Global buffer overflow (READ of size 4) in shoco C library
The shocodecompress function in the API in shoco through 2017-07-17 allows remote attackers to cause a denial of service buffer over-read and application crash via malformed compressed data. The vendor has been unresponsive since this was reported in February of 2017. ==19039==ERROR:...
CVE-2017-11367
CVE-2017-11367 affects the shoco C library’s shoco_decompress function in the API (up to 2017-07-17). A malformed compressed input can trigger a buffer over-read, causing a remote DoS and application crash. Public reports document a global-buffer-overflow symptom and a user-space crash (example s...