10 matches found
CVE-2024-29667
SQL Injection vulnerability in Tongtianxing Technology Co., Ltd CMSV6 v.7.31.0.2 through v.7.31.0.3 allows a remote attacker to escalate privileges and obtain sensitive information via the ids parameter...
Tongtianxing CMSV6 SQL注入漏洞
Tongtianxing CMSV6 is a vehicle information based data platform from Tongtianxing. A SQL injection vulnerability exists in Tongtianxing CMSV6 versions v.7.31.0.2 through v.7.31.0.3, which could allow a remote attacker to elevate privileges and gain access to sensitive information via the ids...
CVE-2024-29667
SQL Injection vulnerability in Tongtianxing Technology Co., Ltd CMSV6 v.7.31.0.2 through v.7.31.0.3 allows a remote attacker to escalate privileges and obtain sensitive information via the ids parameter...
PT-2024-22956 · Tongtianxing Technology Co. · Cmsv6
Name of the Vulnerable Software and Affected Versions: Tongtianxing Technology Co., Ltd CMSV6 versions 7.31.0.2 through 7.31.0.3 Description: The issue allows a remote attacker to escalate privileges and obtain sensitive information via the ids parameter. This is a SQL Injection vulnerability...
CVE-2024-29667
Affected: Tongtianxing CMSV6 v7.31.0.2–7.31.0.3. Issue: SQL injection via the ids parameter, enabling remote privilege escalation and access to sensitive data. Root cause: improper input handling allowing SQL injection. Impact: high (privilege escalation, data disclosure). Remediation: no patch/v...
CVE-2024-29667
SQL Injection vulnerability in Tongtianxing Technology Co., Ltd CMSV6 v.7.31.0.2 through v.7.31.0.3 allows a remote attacker to escalate privileges and obtain sensitive information via the ids parameter...
CVE-2024-29666
Insecure Permissions vulnerability in Vehicle Monitoring platform system CMSV6 v.7.31.0.2 through v.7.32.0.3 allows a remote attacker to escalate privileges via the default password component...
CVE-2024-29666
Insecure Permissions vulnerability in Vehicle Monitoring platform system CMSV6 v.7.31.0.2 through v.7.32.0.3 allows a remote attacker to escalate privileges via the default password component...
CVE-2024-29666
CMSV6 Vehicle Monitoring platform (CMSV6) versions 7.31.0.2 through 7.32.0.3 contain an Insecure Permissions flaw that allows a remote attacker to escalate privileges via the default password component. Root cause is improper privilege management related to the default password mechanism. Red Hat...
CVE-2024-29666
Insecure Permissions vulnerability in Vehicle Monitoring platform system CMSV6 v.7.31.0.2 through v.7.32.0.3 allows a remote attacker to escalate privileges via the default password component...