2 matches found
CVE-2018-25159
Epross AVCON6 systems management platform contains an object-graph navigation language OGNL injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by injecting malicious OGNL expressions. Attackers can send crafted requests to the login.action endpoint with OG...
SQL Injection Vulnerability in AVCON6 System Management Platform Name Parameter at Warburg Pincus Information Technology Co.
Huaping Information Technology Co., Ltd. is committed to promoting the innovation of business models in various industries and the enhancement of people's life intelligence through the innovative "Internet +" video technology. A SQL injection vulnerability exists in the name parameter of AVCON6...