13 matches found
EUVD-2021-12778
Malware in sbrugna...
CVE-2021-25898
An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored in unencrypted source-code text files. This was noted when accessing the svc-login.php file. The value is used to authenticate a high-privileged user upon authenticating with the server...
CVE-2021-25899
An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. An unauthenticated attacker can send a crafted HTTP request to perform a blind time-based SQL Injection. The vulnerable parameter is param1...
Void Aural Rec Monitor SQL Injection Vulnerability
Void Aural Rec Monitor is an application from the Spanish company Void. Aural Rec Monitor version 9.0.0.1 suffers from a SQL injection vulnerability, which originates in svc-login.php, where an unauthenticated attacker sends a crafted HTTP request to perform a blind time-based SQL injection...
Void Aural Rec Monitor Information Disclosure Vulnerability
Void Aural Rec Monitor is an application from the Spanish company Void. Void Aural Rec Monitor in version 9.0.0.1 suffers from an information disclosure vulnerability that originates from the svc-login.php password being stored in an unencrypted source code text file, which can be exploited to ga...
CVE-2021-25899
An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. An unauthenticated attacker can send a crafted HTTP request to perform a blind time-based SQL Injection. The vulnerable parameter is param1...
CVE-2021-25899
An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. An unauthenticated attacker can send a crafted HTTP request to perform a blind time-based SQL Injection. The vulnerable parameter is param1...
Code injection
An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored in unencrypted source-code text files. This was noted when accessing the svc-login.php file. The value is used to authenticate a high-privileged user upon authenticating with the server...
CVE-2021-25899
An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. An unauthenticated attacker can send a crafted HTTP request to perform a blind time-based SQL Injection. The vulnerable parameter is param1...
CVE-2021-25899
Void Aural Rec Monitor 9.0.0.1 contains a SQL injection in svc-login.php (param1) exploitable via blind time-based requests. An unauthenticated attacker can trigger the vulnerability to potentially read data, modify data, and perform unauthorized administrative actions. No exploit details are pro...
CVE-2021-25898
The CVE-2021-25898 entry relates to Void Aural Rec Monitor 9.0.0.1, where passwords are stored in unencrypted source-code text files within svc-login.php. This creates an information-disclosure risk because the credential value is used to authenticate a high-privileged user when accessing the ser...
Void Aural Rec Monitor 信任管理问题漏洞
Void Aural Rec Monitor is an application from the Spanish company Void. Void Aural Rec Monitor in version 9.0.0.1 suffers from an information disclosure vulnerability that originates from the svc-login.php password being stored in an unencrypted source code text file, which can be exploited to ga...
Void Aural Rec Monitor SQL注入漏洞
Void Aural Rec Monitor is an application from the Spanish company Void. Aural Rec Monitor version 9.0.0.1 suffers from a SQL injection vulnerability, which originates in svc-login.php, where an unauthenticated attacker sends a crafted HTTP request to perform a blind time-based SQL injection...