80 matches found
CVE-2025-11908
A security flaw has been discovered in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The affected element is the function uploadFile of the file /FileDir.do?Action=Upload. Performing manipulation of the argument File results in unrestricted upload. The attack is possible to be carried out...
CVE-2025-11909 Shenzhen Ruiming Technology Streamax Crocus RepairRecord.do queryLast sql injection
A weakness has been identified in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The impacted element is the function queryLast of the file /RepairRecord.do?Action=QueryLast. Executing manipulation of the argument orderField can lead to sql injection. The attack may be performed from remote...
CVE-2025-11909 Shenzhen Ruiming Technology Streamax Crocus RepairRecord.do queryLast sql injection
A weakness has been identified in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The impacted element is the function queryLast of the file /RepairRecord.do?Action=QueryLast. Executing manipulation of the argument orderField can lead to sql injection. The attack may be performed from remote...
CVE-2025-11909
CVE-2025-11909 affects Shenzhen Ruiming Technology Streamax Crocus (v1.3.40). The vulnerable element is the function queryLast in /RepairRecord.do?Action=QueryLast, where manipulating the argument orderField enables SQL injection. The flaw can be exploited remotely and public PoCs exist. Affected...
CVE-2025-11908 Shenzhen Ruiming Technology Streamax Crocus FileDir.do uploadFile unrestricted upload
A security flaw has been discovered in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The affected element is the function uploadFile of the file /FileDir.do?Action=Upload. Performing manipulation of the argument File results in unrestricted upload. The attack is possible to be carried out...
CVE-2025-11908 Shenzhen Ruiming Technology Streamax Crocus FileDir.do uploadFile unrestricted upload
A security flaw has been discovered in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The affected element is the function uploadFile of the file /FileDir.do?Action=Upload. Performing manipulation of the argument File results in unrestricted upload. The attack is possible to be carried out...
CVE-2025-11908
The CVE-2025-11908 entry describes a remote, unrestricted file-upload flaw in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The vulnerable component is the uploadFile function under the endpoint /FileDir.do?Action=Upload; malicious manipulation of the File argument enables unrestricted file...
Streamax Crocus SQL注入漏洞
Streamax Crocus is a system used by China Ruiming Streamax to reduce commercial vehicles to reduce traffic accidents and cargo loss. A SQL injection vulnerability exists in Streamax Crocus version 1.3.40, which stems from incorrect manipulation of the parameter orderField in the file...
Streamax Crocus 路径遍历漏洞
Streamax Crocus is a system used by China Ruiming Streamax to reduce commercial vehicles to reduce traffic accidents and cargo loss. A path traversal vulnerability exists in Streamax Crocus version 1.3.40, which stems from incorrect manipulation of the parameter Path in the file /Service.do, and...
Streamax Crocus SQL注入漏洞
Streamax Crocus is a system used by China Ruiming Streamax to reduce commercial vehicles to reduce traffic accidents and cargo loss. A SQL injection vulnerability exists in Streamax Crocus version 1.3.40, which stems from incorrect manipulation of the parameter orderField in the file...
Streamax Crocus SQL注入漏洞
Streamax Crocus is a system used by China Ruiming Streamax to reduce commercial vehicles to reduce traffic accidents and cargo loss. A SQL injection vulnerability exists in Streamax Crocus version 1.3.40, which stems from incorrect manipulation of the parameter orderField in the file...
Streamax Crocus 代码问题漏洞
Streamax Crocus is a system used by China Ruiming Streamax to reduce commercial vehicles to reduce traffic accidents and cargo loss. A code issue vulnerability exists in Streamax Crocus version 1.3.40, which stems from an incorrect manipulation of the parameter File in File/FileDir.do and could...
Streamax Crocus SQL注入漏洞
Streamax Crocus is a system used by China Ruiming Streamax to reduce commercial vehicles to reduce traffic accidents and cargo loss. A SQL injection vulnerability exists in Streamax Crocus version 1.3.40, which stems from incorrect manipulation of the parameter sortField in the file...
Streamax Crocus 路径遍历漏洞
Streamax Crocus is a system used by China Ruiming Streamax to reduce commercial vehicles to reduce traffic accidents and cargo loss. A path traversal vulnerability exists in Streamax Crocus version 1.3.40, which stems from incorrect manipulation of the parameter FilePath in the file...
Weak password vulnerability in Crocus
Crocus is an energy data analytics platform. Crocus suffers from a weak password vulnerability that can be exploited by attackers to obtain sensitive information...
crocus-hall.ru XSS vulnerability
Open Bug Bounty ID: OBB-709464 Description| Value ---|--- Affected Website:| crocus-hall.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden...
crocus-hall.ru XSS vulnerability
Open Bug Bounty ID: OBB-557212 Description| Value ---|--- Affected Website:| crocus-hall.ru Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until disclosure Disclosure Standard:| Coordinated Disclosure based on ISO 2914...
crocus-hall.ru XSS vulnerability
Open Bug Bounty ID: OBB-556051 Description| Value ---|--- Affected Website:| crocus-hall.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
crocus-hall.ru XSS vulnerability
Open Bug Bounty ID: OBB-407833 Description| Value ---|--- Affected Website:| crocus-hall.ru Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
crocus-expo.ru Open Redirect vulnerability
Vulnerable URL: http://www.crocus-expo.ru/bitrix/rk.php?goto=http://openbugbounty.org Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 10:31 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 312569 VIP...