9 matches found
Beijing Baichuo Smart S210 Management Platform Code Issue Vulnerability
Beijing Baichuo Smart S210 Management Platform is a multi-service security gateway intelligent management platform from Beijing Baichuo, China. A code issue exists in Beijing Baichuo Smart S210 Management Platform version 20240117 and prior versions, where an incorrect operation of the parameter...
Sql injection
A vulnerability classified as critical has been found in Beijing Baichuo S210 up to 20231210. Affected is an unknown function of the file /importexport.php. The manipulation of the argument sql leads to injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2023-7039
The CVE-2023-7039 entry concerns an injection vulnerability in the file /importexport.php of Byzoro S210 (and Beijing Baichuo S210 up to 20231210 per PT-2023-32847). The issue arises from manipulating the sql argument, enabling remote exploitation. Public disclosure is indicated; multiple sources...
Out-of-bounds
A vulnerability was found in Beijing Baichuo S210 up to 20231123. It has been declared as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php of the component HTTP POST Request Handler. The manipulation of the argument fileupload leads to unrestricted upload. The...
CVE-2023-6576
CVE-2023-6576 affects Byzoro S210 (up to 20231123) and also mentions Beijing Baichuo S210 in related records. The vulnerability is in the HTTP POST Request Handler’s /Tool/uploadfile.php, where manipulating the file_upload argument enables unrestricted file uploads. This allows remote exploitatio...
Sql injection
A vulnerability was found in Beijing Baichuo S210 up to 20231121. It has been classified as critical. This affects an unknown part of the file /Tool/repair.php of the component HTTP POST Request Handler. The manipulation of the argument txt leads to sql injection. It is possible to initiate the...
CVE-2023-6575
CVE-2023-6575 affects Beijing/Byzoro S210 up to 20231121. A SQL injection arises from manipulating the txt argument in the /Tool/repair.php HTTP POST handler, enabling remote exploitation. Public exploits/disclosures exist. Several connected sources corroborate the affected component and vulnerab...
PT-2023-32703 · Byzoro +1 · Byzoro S210 +1
Name of the Vulnerable Software and Affected Versions: Byzoro S210 up to 20231123 Beijing Baichuo S210 up to 20231123 Description: A critical vulnerability affects the HTTP POST Request Handler component, specifically the file /Tool/uploadfile.php. The manipulation of the file upload argument lea...
PT-2023-32702 · Beijing Baichuo · Beijing Baichuo S210
Name of the Vulnerable Software and Affected Versions: Beijing Baichuo S210 up to 20231121 Description: A critical issue has been found, affecting an unknown part of the file /Tool/repair.php of the component HTTP POST Request Handler. The manipulation of the txt argument leads to SQL injection. ...