21 matches found
CVE-2019-11367
An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic Authentication and provides the account and password in the WWW-Authenticate attribute. By using this account and password, anyone can login successfully...
EUVD-2019-3045
Malware in sbrugna...
EUVD-2019-3046
Malware in sbrugna...
CVE-2019-11368
Stored XSS was discovered in AUO Solar Data Recorder before 1.3.0 via the protect/config.htm addr parameter...
CVE-2019-11368
Stored XSS was discovered in AUO Solar Data Recorder before 1.3.0 via the protect/config.htm addr parameter...
Cross site scripting
Stored XSS was discovered in AUO Solar Data Recorder before 1.3.0 via the protect/config.htm addr parameter...
Hardcoded credentials
An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic Authentication and provides the account and password in the WWW-Authenticate attribute. By using this account and password, anyone can login successfully...
CVE-2019-11367
An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic Authentication and provides the account and password in the WWW-Authenticate attribute. By using this account and password, anyone can login successfully...
CVE-2019-11367
An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic Authentication and provides the account and password in the WWW-Authenticate attribute. By using this account and password, anyone can login successfully...
CVE-2019-11367
CVE-2019-11367 affects AUO Solar Data Recorder pre-1.3.0. The web portal uses HTTP Basic Authentication and leaks credentials via the WWW-Authenticate header, allowing login with exposed account/password without further authentication. Exploitable by accessing the /protect/ area; multiple public ...
CVE-2019-11367
An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic Authentication and provides the account and password in the WWW-Authenticate attribute. By using this account and password, anyone can login successfully...
CVE-2019-11368
Stored XSS was discovered in AUO Solar Data Recorder before 1.3.0 via the protect/config.htm addr parameter...
CVE-2019-11368
AU Optronics Solar Data Recorder prior to version 1.3.0 is affected by CVE-2019-11368: a stored XSS vulnerability in the web interface reachable via the protect/config.htm addr parameter. The issue permits script execution within the context of an authenticated user (stored in the application's b...
AUO Solar Data Recorder Incorrect Access Control
Exploit Title: AUO Solar Data Recorder - Incorrect Access Control Date: 2019-04-16 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO Solar Data Recorder all versions prior to v1.3.0 Tested on: It is a proprietary devices:...
AUO Solar Data Recorder 1.3.0 - Incorrect Access Control
AUO Solar Data Recorder 1.3.0 - Incorrect Access Control Exploit Title: AUO Solar Data Recorder - Incorrect Access Control Date: 2019-04-16 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO Solar Data Recorder all versions prior to v1.3.0 Tested on: It is a...
AUO Solar Data Recorder < 1.3.0 - Incorrect Access Control
Exploit for hardware platform in category web applications Exploit Title: AUO Solar Data Recorder - Incorrect Access Control Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO Solar Data Recorder all versions prior to v1.3.0 Tested on: It is a proprietary devices:...
AUO Solar Data Recorder < 1.3.0 - Incorrect Access Control
Exploit Title: AUO Solar Data Recorder - Incorrect Access Control Date: 2019-04-16 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO Solar Data Recorder all versions prior to v1.3.0 Tested on: It is a proprietary devices:...
AUO Solar Data Recorder < 1.3.0 - addr Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: AUO Solar Data Recorder - Stored XSS Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO Solar Data Recorder all versions prior to v1.3.0 Tested on: It is a proprietary devices:...
AUO Solar Data Recorder 1.3.0 - addr Cross-Site Scripting
AUO Solar Data Recorder 1.3.0 - addr Cross-Site Scripting Exploit Title: AUO Solar Data Recorder - Stored XSS Date: 2019-04-16 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO Solar Data Recorder all versions prior to v1.3.0 Tested on: It is a proprietary devices...
AUO Solar Data Recorder < 1.3.0 - 'addr' Cross-Site Scripting
Exploit Title: AUO Solar Data Recorder - Stored XSS Date: 2019-04-16 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO Solar Data Recorder all versions prior to v1.3.0 Tested on: It is a proprietary devices:...