15 matches found
EUVD-2018-21645
GPS Tracking System 2.12 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit crafted POST requests to the login.php endpoint with SQL injection payloads in the username...
CVE-2018-25192
GPS Tracking System 2.12 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit crafted POST requests to the login.php endpoint with SQL injection payloads in the username...
CVE-2018-25192 GPS Tracking System 2.12 SQL Injection via username Parameter
GPS Tracking System 2.12 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit crafted POST requests to the login.php endpoint with SQL injection payloads in the username...
CVE-2018-25192 GPS Tracking System 2.12 SQL Injection via username Parameter
GPS Tracking System 2.12 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit crafted POST requests to the login.php endpoint with SQL injection payloads in the username...
CVE-2018-25192
GPS Tracking System 2.12 is vulnerable to SQL injection via the username parameter in login.php, allowing unauthenticated bypass of authentication. The underlying issue is a SQL injection in the login flow, enabling attackers to gain unauthorized access without valid credentials. Reported impact ...
PT-2026-23702
GPS Tracking System 2.12 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit crafted POST requests to the login.php endpoint with SQL injection payloads in the username...
CVE-2020-5246
Traccar GPS Tracking System before version 4.9 has a LDAP injection vulnerability. It occurs when user input is being used in LDAP search filter. By providing specially crafted input, an attacker can modify the logic of the LDAP query and get admin privileges. The issue only impacts instances wit...
CVE-2023-50729
CVE-2023-50729 affects Traccar before version 5.11, due to an unrestricted file upload vulnerability in the File feature. The issue allows an attacker to execute arbitrary code on the server and is particularly risky because Traccar can operate with root privileges and can write to arbitrary loca...
CVE-2021-21292
Traccar is an open source GPS tracking system. In Traccar before version 4.12 there is an unquoted Windows binary path vulnerability. Only Windows versions are impacted. Attacker needs write access to the filesystem on the host machine. If Java path includes a space, then attacker can lift their...
CVE-2020-5246
Traccar GPS Tracking System before version 4.9 has a LDAP injection vulnerability. It occurs when user input is being used in LDAP search filter. By providing specially crafted input, an attacker can modify the logic of the LDAP query and get admin privileges. The issue only impacts instances wit...
CVE-2020-5246
Traccar GPS Tracking System before version 4.9 has a LDAP injection vulnerability. It occurs when user input is being used in LDAP search filter. By providing specially crafted input, an attacker can modify the logic of the LDAP query and get admin privileges. The issue only impacts instances wit...
CVE-2020-5246 LDAP injection vulnerability in Traccar GPS Tracking System
Traccar GPS Tracking System before version 4.9 has a LDAP injection vulnerability. It occurs when user input is being used in LDAP search filter. By providing specially crafted input, an attacker can modify the logic of the LDAP query and get admin privileges. The issue only impacts instances wit...
European Security Services GPS 1.x SQL Injection / Bypass
Title: ====== European Security Services GPS 1.x - Multiple Vulnerabilities Date: ===== 2011-09-28 VL-ID: ===== 63 Reference: ========== http://www.vulnerability-lab.com/getcontent.php?id=63 Introduction: ============= Für eine geringe Ortungsgebühr erhalten Sie einen Zugang zu unserem Online...
ESecurityServices GPS v1.0 - Multiple Vulnerabilities
Document Title: =============== ESecurityServices GPS v1.0 - Multiple Vulnerabilities Release Date: ============= 2011-09-27 Vulnerability Laboratory ID VL-ID: ==================================== 63 Product & Service Introduction: =============================== Für eine geringe Ortungsgebühr...
ESecurityServices GPS v1.0 - Multiple Vulnerabilities
Document Title: =============== ESecurityServices GPS v1.0 - Multiple Vulnerabilities Release Date: ============= 2011-09-27 Vulnerability Laboratory ID VL-ID: ==================================== 63 Product & Service Introduction: =============================== Für eine geringe Ortungsgebühr...