Lucene search
+L

9 matches found

cnnvd
cnnvd
added 2024/01/26 12:0 a.m.7 views

Beijing Baichuo Smart S210 Management Platform Code Issue Vulnerability

Beijing Baichuo Smart S210 Management Platform is a multi-service security gateway intelligent management platform from Beijing Baichuo, China. A code issue exists in Beijing Baichuo Smart S210 Management Platform version 20240117 and prior versions, where an incorrect operation of the parameter...

9.8CVSS7.1AI score0.43777EPSS
Exploits1References5
prion
prion
added 2023/12/21 7:15 p.m.22 views

Sql injection

A vulnerability classified as critical has been found in Beijing Baichuo S210 up to 20231210. Affected is an unknown function of the file /importexport.php. The manipulation of the argument sql leads to injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

6.5CVSS7.8AI score0.14225EPSS
Exploits1References3Affected Software1
cve
cve
added 2023/12/21 6:31 p.m.82 views

CVE-2023-7039

The CVE-2023-7039 entry concerns an injection vulnerability in the file /importexport.php of Byzoro S210 (and Beijing Baichuo S210 up to 20231210 per PT-2023-32847). The issue arises from manipulating the sql argument, enabling remote exploitation. Public disclosure is indicated; multiple sources...

9.8CVSS8.4AI score0.14225EPSS
Exploits1References4Affected Software1
prion
prion
added 2023/12/07 9:15 p.m.22 views

Out-of-bounds

A vulnerability was found in Beijing Baichuo S210 up to 20231123. It has been declared as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php of the component HTTP POST Request Handler. The manipulation of the argument fileupload leads to unrestricted upload. The...

6.5CVSS7.2AI score0.01365EPSS
Exploits0References3Affected Software1
cve
cve
added 2023/12/07 8:31 p.m.54 views

CVE-2023-6576

CVE-2023-6576 affects Byzoro S210 (up to 20231123) and also mentions Beijing Baichuo S210 in related records. The vulnerability is in the HTTP POST Request Handler’s /Tool/uploadfile.php, where manipulating the file_upload argument enables unrestricted file uploads. This allows remote exploitatio...

8.8CVSS7.6AI score0.01365EPSS
Exploits0References4Affected Software1
prion
prion
added 2023/12/07 8:15 p.m.19 views

Sql injection

A vulnerability was found in Beijing Baichuo S210 up to 20231121. It has been classified as critical. This affects an unknown part of the file /Tool/repair.php of the component HTTP POST Request Handler. The manipulation of the argument txt leads to sql injection. It is possible to initiate the...

6.5CVSS7.6AI score0.02838EPSS
Exploits1References3Affected Software1
cve
cve
added 2023/12/07 8:0 p.m.60 views

CVE-2023-6575

CVE-2023-6575 affects Beijing/Byzoro S210 up to 20231121. A SQL injection arises from manipulating the txt argument in the /Tool/repair.php HTTP POST handler, enabling remote exploitation. Public exploits/disclosures exist. Several connected sources corroborate the affected component and vulnerab...

8.8CVSS7.8AI score0.02838EPSS
Exploits1References4Affected Software1
ptsecurity
ptsecurity
added 2023/12/07 12:0 a.m.6 views

PT-2023-32703 · Byzoro +1 · Byzoro S210 +1

Name of the Vulnerable Software and Affected Versions: Byzoro S210 up to 20231123 Beijing Baichuo S210 up to 20231123 Description: A critical vulnerability affects the HTTP POST Request Handler component, specifically the file /Tool/uploadfile.php. The manipulation of the file upload argument lea...

8.8CVSS6.6AI score0.01365EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2023/12/07 12:0 a.m.6 views

PT-2023-32702 · Beijing Baichuo · Beijing Baichuo S210

Name of the Vulnerable Software and Affected Versions: Beijing Baichuo S210 up to 20231121 Description: A critical issue has been found, affecting an unknown part of the file /Tool/repair.php of the component HTTP POST Request Handler. The manipulation of the txt argument leads to SQL injection. ...

8.8CVSS7.2AI score0.02838EPSS
Exploits1References8
Rows per page
Query Builder